diff --git a/jsonnet/kube-prometheus/versions.json b/jsonnet/kube-prometheus/versions.json
index ad2e0a671393cdd9c571897e22dfcf19cb107edd..065ee6b217f296f6f6ca237f515023be9e36840c 100644
--- a/jsonnet/kube-prometheus/versions.json
+++ b/jsonnet/kube-prometheus/versions.json
@@ -1,13 +1,13 @@
{
"alertmanager": "0.25.0",
"blackboxExporter": "0.24.0",
- "grafana": "9.5.2",
+ "grafana": "9.5.3",
"kubeStateMetrics": "2.9.2",
"nodeExporter": "1.6.0",
"prometheus": "2.44.0",
"prometheusAdapter": "0.10.0",
- "prometheusOperator": "0.65.2",
- "kubeRbacProxy": "0.14.1",
+ "prometheusOperator": "0.66.0",
+ "kubeRbacProxy": "0.14.2",
"configmapReload": "0.5.0",
"pyrra": "0.6.3"
}
diff --git a/jsonnetfile.lock.json b/jsonnetfile.lock.json
index df64a9fe1d3d23a8a27d25831e971d3aa7db135d..34981e621291cf39a2070cc039b592f1586d1626 100644
--- a/jsonnetfile.lock.json
+++ b/jsonnetfile.lock.json
@@ -18,8 +18,8 @@
"subdir": "contrib/mixin"
}
},
- "version": "5773d94c2202c7d8e78a7b784805fcd79fe263dc",
- "sum": "6zCXrAUbEtaKb3GQsUIGzwsFqQPYFKFgc9nbhweJHBY="
+ "version": "5e7349b44c450a8be17e9a2961a67837cdc82bde",
+ "sum": "GdePvMDfLQcVhwzk/Ephi/jC27ywGObLB5t0eC0lXd4="
},
{
"source": {
@@ -38,7 +38,7 @@
"subdir": "grafonnet"
}
},
- "version": "f0b70307b8e5f12236b277883d998af129a8211f",
+ "version": "38f3358ccad25a53700a71e3e5b9032e12fe2023",
"sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc="
},
{
@@ -48,7 +48,7 @@
"subdir": "grafonnet-7.0"
}
},
- "version": "f0b70307b8e5f12236b277883d998af129a8211f",
+ "version": "38f3358ccad25a53700a71e3e5b9032e12fe2023",
"sum": "gCtR9s/4D5fxU9aKXg0Bru+/njZhA0YjLjPiASc61FM="
},
{
@@ -58,7 +58,7 @@
"subdir": "grafana-builder"
}
},
- "version": "3b08e7d37511dfd39af6027d07788a5ca8ec71b1",
+ "version": "48da1834254f19d592a33ccfee18159af96be6f3",
"sum": "wp/L/9smcsHIiy24DH5WWMv2fcSckN2Lw/m7qDszaWU="
},
{
@@ -68,8 +68,8 @@
"subdir": ""
}
},
- "version": "b5c70aa61342fbca60b3baa7a652b64aa80c0a9f",
- "sum": "8lDLaXX8zuuWJZn6dOc9e2QNNNRdatYNaFr8h0ine8Q="
+ "version": "003ba5eadfbd69817d1215952133d3ecf99fbd92",
+ "sum": "2ZvQR3ld4JuX0PC3IYMri/jbeW7ko3ni2Ukrz2QnG3M="
},
{
"source": {
@@ -78,7 +78,7 @@
"subdir": "jsonnet/kube-state-metrics"
}
},
- "version": "32cc599309ee873affe345b7bc7af604c25defc6",
+ "version": "3d46fe0f72b6776ec89d21b0a7293e98ba37cb73",
"sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g="
},
{
@@ -88,7 +88,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
- "version": "32cc599309ee873affe345b7bc7af604c25defc6",
+ "version": "3d46fe0f72b6776ec89d21b0a7293e98ba37cb73",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
},
{
@@ -98,7 +98,7 @@
"subdir": "jsonnet/mixin"
}
},
- "version": "bb8188bb80ff275d3e3d1f5906f9981c0218f1d4",
+ "version": "ed057efaf11da8411192ceab42db7c6cd8c7e919",
"sum": "n3flMIzlADeyygb0uipZ4KPp2uNSjdtkrwgHjTC7Ca4=",
"name": "prometheus-operator-mixin"
},
@@ -109,8 +109,8 @@
"subdir": "jsonnet/prometheus-operator"
}
},
- "version": "bb8188bb80ff275d3e3d1f5906f9981c0218f1d4",
- "sum": "JdQ4Jk53T4ngD9D5IsInyxSXt/63npQ9OGkRZO4azT8="
+ "version": "ed057efaf11da8411192ceab42db7c6cd8c7e919",
+ "sum": "4GvtM8IwMm38fTqnE4G8CZslf5AOzxXezmlC164vuYU="
},
{
"source": {
@@ -119,7 +119,7 @@
"subdir": "doc/alertmanager-mixin"
}
},
- "version": "5adc7369c838c31fcbaa7d413951a2dc01ae87ae",
+ "version": "90a8acd27661db09c9d9f1b4a2d4574a24466c76",
"sum": "PsK+V7oETCPKu2gLoPfqY0wwPKH9TzhNj6o2xezjjXc=",
"name": "alertmanager"
},
@@ -130,7 +130,7 @@
"subdir": "docs/node-mixin"
}
},
- "version": "ff7f9d69b645cb691dd3e84dc3afc88f5c006962",
+ "version": "d1b634fb80653168b0cd9c8bc39b6795ab043a84",
"sum": "aFUI56y6Y8EpniS4cfYqrSaHFnxeomIw4S4+Sz8yPtQ="
},
{
@@ -140,8 +140,8 @@
"subdir": "documentation/prometheus-mixin"
}
},
- "version": "a8772a41782758e8153c494dcd207e770d8421a4",
- "sum": "LRx0tbMnoE1p8KEn+i81j2YsA5Sgt3itE5Y6jBf5eOQ=",
+ "version": "86a7064dcfc0828a10520888a188c46731986b3c",
+ "sum": "WkRzFpnseUc/Ev8I2QBLxAC4vkPwLHeOGUw5QemCsMU=",
"name": "prometheus"
},
{
@@ -151,7 +151,7 @@
"subdir": "config/crd/bases"
}
},
- "version": "a81d58f4f14583f93618a789c1854743e08e256a",
+ "version": "0fc65ce927ab0985a847a4433e7d2f4b9716cb30",
"sum": "MK8+uumteRncS0hkyjocvU2vdtlGbfBRPcU0/mJnU2M="
},
{
@@ -161,8 +161,8 @@
"subdir": "mixin"
}
},
- "version": "eea398e7efd525e9ba02ceefce0546867ff2c882",
- "sum": "zSLNV/0bN4DcVKojzCqjmhfjtzTY4pDKZXqbAUzw5R0=",
+ "version": "b7a7522f9766ad06f53d465921c94c98b08a15da",
+ "sum": "EX2IUc+b27WsvIQrUldoXP5hkI6n0QI8juw45xAdA/U=",
"name": "thanos-mixin"
},
{
diff --git a/manifests/blackboxExporter-deployment.yaml b/manifests/blackboxExporter-deployment.yaml
index 2087d0519a501e03b6c6bedcc2cb10be2b630b31..93cbae33cc42985c7da7b8f98694565505fb5351 100644
--- a/manifests/blackboxExporter-deployment.yaml
+++ b/manifests/blackboxExporter-deployment.yaml
@@ -85,7 +85,7 @@ spec:
- --secure-listen-address=:9115
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- --upstream=http://127.0.0.1:19115/
- image: quay.io/brancz/kube-rbac-proxy:v0.14.1
+ image: quay.io/brancz/kube-rbac-proxy:v0.14.2
name: kube-rbac-proxy
ports:
- containerPort: 9115
diff --git a/manifests/grafana-config.yaml b/manifests/grafana-config.yaml
index 84312a36c31d7dc07c0cac66f50940cea4b5b42a..9c491c39f28a5eb019a6bf569c14c823610b3b71 100644
--- a/manifests/grafana-config.yaml
+++ b/manifests/grafana-config.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-config
namespace: monitoring
stringData:
diff --git a/manifests/grafana-dashboardDatasources.yaml b/manifests/grafana-dashboardDatasources.yaml
index a3d015d34202f40645db3f575bc0f7bde8f50dac..ab12c33d2f47c72b8ae3b0e0ab5b8f5b2d3d6e0d 100644
--- a/manifests/grafana-dashboardDatasources.yaml
+++ b/manifests/grafana-dashboardDatasources.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-datasources
namespace: monitoring
stringData:
diff --git a/manifests/grafana-dashboardDefinitions.yaml b/manifests/grafana-dashboardDefinitions.yaml
index fa980bdce8bef06617341ea3bd3368f73de9197c..3cd8cda6e31250054c6e65d1728aaa57d647ea38 100644
--- a/manifests/grafana-dashboardDefinitions.yaml
+++ b/manifests/grafana-dashboardDefinitions.yaml
@@ -600,7 +600,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-alertmanager-overview
namespace: monitoring
- apiVersion: v1
@@ -2361,7 +2361,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-apiserver
namespace: monitoring
- apiVersion: v1
@@ -4232,7 +4232,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-cluster-total
namespace: monitoring
- apiVersion: v1
@@ -5411,7 +5411,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-controller-manager
namespace: monitoring
- apiVersion: v1
@@ -6036,7 +6036,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-grafana-overview
namespace: monitoring
- apiVersion: v1
@@ -9113,7 +9113,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-cluster
namespace: monitoring
- apiVersion: v1
@@ -10488,7 +10488,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-multicluster
namespace: monitoring
- apiVersion: v1
@@ -13274,7 +13274,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-namespace
namespace: monitoring
- apiVersion: v1
@@ -14289,7 +14289,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-node
namespace: monitoring
- apiVersion: v1
@@ -16747,7 +16747,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-pod
namespace: monitoring
- apiVersion: v1
@@ -18760,7 +18760,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-workload
namespace: monitoring
- apiVersion: v1
@@ -20938,7 +20938,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-k8s-resources-workloads-namespace
namespace: monitoring
- apiVersion: v1
@@ -23181,7 +23181,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-kubelet
namespace: monitoring
- apiVersion: v1
@@ -24634,7 +24634,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-namespace-by-pod
namespace: monitoring
- apiVersion: v1
@@ -26359,7 +26359,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-namespace-by-workload
namespace: monitoring
- apiVersion: v1
@@ -27411,7 +27411,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-node-cluster-rsrc-use
namespace: monitoring
- apiVersion: v1
@@ -28489,7 +28489,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-node-rsrc-use
namespace: monitoring
- apiVersion: v1
@@ -29551,7 +29551,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-nodes-darwin
namespace: monitoring
- apiVersion: v1
@@ -30606,7 +30606,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-nodes
namespace: monitoring
- apiVersion: v1
@@ -31182,7 +31182,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-persistentvolumesusage
namespace: monitoring
- apiVersion: v1
@@ -32399,7 +32399,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-pod-total
namespace: monitoring
- apiVersion: v1
@@ -34058,7 +34058,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-prometheus-remote-write
namespace: monitoring
- apiVersion: v1
@@ -35282,7 +35282,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-prometheus
namespace: monitoring
- apiVersion: v1
@@ -36542,7 +36542,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-proxy
namespace: monitoring
- apiVersion: v1
@@ -37643,7 +37643,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-scheduler
namespace: monitoring
- apiVersion: v1
@@ -39070,7 +39070,7 @@ items:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboard-workload-total
namespace: monitoring
kind: ConfigMapList
diff --git a/manifests/grafana-dashboardSources.yaml b/manifests/grafana-dashboardSources.yaml
index 10626de3353520941f92bc62fb08fc32afa2f4b6..b3af416b7e52860bdd8c7c4b80ca7414fa7e0b2d 100644
--- a/manifests/grafana-dashboardSources.yaml
+++ b/manifests/grafana-dashboardSources.yaml
@@ -22,6 +22,6 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana-dashboards
namespace: monitoring
diff --git a/manifests/grafana-deployment.yaml b/manifests/grafana-deployment.yaml
index a35184571920410c031ae372f98406dea98abfe5..06f1ec69612638e2236ae03ff876426718c5ebad 100644
--- a/manifests/grafana-deployment.yaml
+++ b/manifests/grafana-deployment.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana
namespace: monitoring
spec:
@@ -18,19 +18,19 @@ spec:
template:
metadata:
annotations:
- checksum/grafana-config: f6c93c986d2c50845c10914e382be89d
- checksum/grafana-dashboardproviders: d745af05a8a365888f1900debe97c976
- checksum/grafana-datasources: ce571e301f5c58c0119e126342cdf81c
+ checksum/grafana-config: 5c598ba58d9b65011bdbb3864138399a
+ checksum/grafana-dashboardproviders: c9c1743868aa1c3dab60d2c402e2dcf0
+ checksum/grafana-datasources: 5ef0e6acaa5b4e8603740fbad440717d
labels:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
spec:
automountServiceAccountToken: false
containers:
- env: []
- image: grafana/grafana:9.5.2
+ image: grafana/grafana:9.5.3
name: grafana
ports:
- containerPort: 3000
diff --git a/manifests/grafana-networkPolicy.yaml b/manifests/grafana-networkPolicy.yaml
index 7fef158d0f3b6d0304ad1e70422112a3ca71f449..62cf11cd6a8cf8b99dad448838fcbb746013f506 100644
--- a/manifests/grafana-networkPolicy.yaml
+++ b/manifests/grafana-networkPolicy.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana
namespace: monitoring
spec:
diff --git a/manifests/grafana-prometheusRule.yaml b/manifests/grafana-prometheusRule.yaml
index 03618a714a9ab9df37e665e2fc5368819c089112..7572cf0006e901b5d2939f7fbde31b733d276153 100644
--- a/manifests/grafana-prometheusRule.yaml
+++ b/manifests/grafana-prometheusRule.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
prometheus: k8s
role: alert-rules
name: grafana-rules
diff --git a/manifests/grafana-service.yaml b/manifests/grafana-service.yaml
index 8baf8a16624824c11211f0d01d5e66f2b13f8a69..1fad5b80b70a76649acc44699caf62d0a5a31d3c 100644
--- a/manifests/grafana-service.yaml
+++ b/manifests/grafana-service.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana
namespace: monitoring
spec:
diff --git a/manifests/grafana-serviceAccount.yaml b/manifests/grafana-serviceAccount.yaml
index 1962c9450298f910d5b89454d38f3bb0ab0d8a05..d0fa1790b9239f93fe35152783603650c00ab368 100644
--- a/manifests/grafana-serviceAccount.yaml
+++ b/manifests/grafana-serviceAccount.yaml
@@ -6,6 +6,6 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana
namespace: monitoring
diff --git a/manifests/grafana-serviceMonitor.yaml b/manifests/grafana-serviceMonitor.yaml
index 3569e6565459a78672eda683844def0964f21e3c..c64ad37b808df09cbbd823e44f1d8801ec9f6ff9 100644
--- a/manifests/grafana-serviceMonitor.yaml
+++ b/manifests/grafana-serviceMonitor.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 9.5.2
+ app.kubernetes.io/version: 9.5.3
name: grafana
namespace: monitoring
spec:
diff --git a/manifests/kubeStateMetrics-deployment.yaml b/manifests/kubeStateMetrics-deployment.yaml
index 68eca57b872a3ca0195bb339ad34371e9b294e90..0e0a3ce969a36ba6a8352b00d75edfddba576f99 100644
--- a/manifests/kubeStateMetrics-deployment.yaml
+++ b/manifests/kubeStateMetrics-deployment.yaml
@@ -56,7 +56,7 @@ spec:
- --secure-listen-address=:8443
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- --upstream=http://127.0.0.1:8081/
- image: quay.io/brancz/kube-rbac-proxy:v0.14.1
+ image: quay.io/brancz/kube-rbac-proxy:v0.14.2
name: kube-rbac-proxy-main
ports:
- containerPort: 8443
@@ -82,7 +82,7 @@ spec:
- --secure-listen-address=:9443
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- --upstream=http://127.0.0.1:8082/
- image: quay.io/brancz/kube-rbac-proxy:v0.14.1
+ image: quay.io/brancz/kube-rbac-proxy:v0.14.2
name: kube-rbac-proxy-self
ports:
- containerPort: 9443
diff --git a/manifests/kubernetesControlPlane-prometheusRule.yaml b/manifests/kubernetesControlPlane-prometheusRule.yaml
index 5a5fc55e707acd8036240248b48411b9844889c1..e62b251836c65d184482030c963c3bfdc7eaa9e9 100644
--- a/manifests/kubernetesControlPlane-prometheusRule.yaml
+++ b/manifests/kubernetesControlPlane-prometheusRule.yaml
@@ -565,7 +565,7 @@ spec:
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeaggregatedapierrors
summary: Kubernetes aggregated API has reported errors.
expr: |
- sum by(name, namespace, cluster)(increase(aggregator_unavailable_apiservice_total[10m])) > 4
+ sum by(name, namespace, cluster)(increase(aggregator_unavailable_apiservice_total{job="apiserver"}[10m])) > 4
labels:
severity: warning
- alert: KubeAggregatedAPIDown
@@ -574,7 +574,7 @@ spec:
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeaggregatedapidown
summary: Kubernetes aggregated API is down.
expr: |
- (1 - max by(name, namespace, cluster)(avg_over_time(aggregator_unavailable_apiservice[10m]))) * 100 < 85
+ (1 - max by(name, namespace, cluster)(avg_over_time(aggregator_unavailable_apiservice{job="apiserver"}[10m]))) * 100 < 85
for: 5m
labels:
severity: warning
@@ -1090,7 +1090,7 @@ spec:
verb: write
record: code:apiserver_request_total:increase30d
- expr: |
- sum by (cluster, verb, scope) (increase(apiserver_request_slo_duration_seconds_count[1h]))
+ sum by (cluster, verb, scope) (increase(apiserver_request_slo_duration_seconds_count{job="apiserver"}[1h]))
record: cluster_verb_scope:apiserver_request_slo_duration_seconds_count:increase1h
- expr: |
sum by (cluster, verb, scope) (avg_over_time(cluster_verb_scope:apiserver_request_slo_duration_seconds_count:increase1h[30d]) * 24 * 30)
diff --git a/manifests/nodeExporter-daemonset.yaml b/manifests/nodeExporter-daemonset.yaml
index 6c1290e08de00881fd4fef1171c3a6a4d0a8d0d4..3dd55747d7094d3f92d0276a85ffd372d5fa32ef 100644
--- a/manifests/nodeExporter-daemonset.yaml
+++ b/manifests/nodeExporter-daemonset.yaml
@@ -73,7 +73,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: status.podIP
- image: quay.io/brancz/kube-rbac-proxy:v0.14.1
+ image: quay.io/brancz/kube-rbac-proxy:v0.14.2
name: kube-rbac-proxy
ports:
- containerPort: 9100
diff --git a/manifests/prometheus-prometheusRule.yaml b/manifests/prometheus-prometheusRule.yaml
index 5fd4d48ca8913a4cb18a433b2cbbbd32b93b180d..a32b0ceef7eea50ba9553eed9ddc8e2c3e03c300 100644
--- a/manifests/prometheus-prometheusRule.yaml
+++ b/manifests/prometheus-prometheusRule.yaml
@@ -27,6 +27,16 @@ spec:
for: 10m
labels:
severity: critical
+ - alert: PrometheusSDRefreshFailure
+ annotations:
+ description: Prometheus {{$labels.namespace}}/{{$labels.pod}} has failed to refresh SD with mechanism {{$labels.mechanism}}.
+ runbook_url: https://runbooks.prometheus-operator.dev/runbooks/prometheus/prometheussdrefreshfailure
+ summary: Failed Prometheus SD refresh.
+ expr: |
+ increase(prometheus_sd_refresh_failures_total{job="prometheus-k8s",namespace="monitoring"}[10m]) > 0
+ for: 20m
+ labels:
+ severity: warning
- alert: PrometheusNotificationQueueRunningFull
annotations:
description: Alert notification queue of Prometheus {{$labels.namespace}}/{{$labels.pod}} is running full.
diff --git a/manifests/prometheusOperator-clusterRole.yaml b/manifests/prometheusOperator-clusterRole.yaml
index f603b3fce4d1cfb0073fa69a8e778dd2430bbfc0..7027045540826a61297b7498c687b40a16fae9ab 100644
--- a/manifests/prometheusOperator-clusterRole.yaml
+++ b/manifests/prometheusOperator-clusterRole.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
rules:
- apiGroups:
diff --git a/manifests/prometheusOperator-clusterRoleBinding.yaml b/manifests/prometheusOperator-clusterRoleBinding.yaml
index 213f7707ff82ff77b5157e98cb4ed9c873df5ffc..a375f5d67ccdf99e5c01ffec207866a42e774135 100644
--- a/manifests/prometheusOperator-clusterRoleBinding.yaml
+++ b/manifests/prometheusOperator-clusterRoleBinding.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
diff --git a/manifests/prometheusOperator-deployment.yaml b/manifests/prometheusOperator-deployment.yaml
index be3417b7a15caff6b7fc5458aec90e80706b9e82..4cf7a6d5d5e67b87a9eb1130d309f0b40b3ee046 100644
--- a/manifests/prometheusOperator-deployment.yaml
+++ b/manifests/prometheusOperator-deployment.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
namespace: monitoring
spec:
@@ -23,14 +23,14 @@ spec:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
spec:
automountServiceAccountToken: true
containers:
- args:
- --kubelet-service=kube-system/kubelet
- - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.65.2
- image: quay.io/prometheus-operator/prometheus-operator:v0.65.2
+ - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.66.0
+ image: quay.io/prometheus-operator/prometheus-operator:v0.66.0
name: prometheus-operator
ports:
- containerPort: 8080
@@ -53,7 +53,7 @@ spec:
- --secure-listen-address=:8443
- --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- --upstream=http://127.0.0.1:8080/
- image: quay.io/brancz/kube-rbac-proxy:v0.14.1
+ image: quay.io/brancz/kube-rbac-proxy:v0.14.2
name: kube-rbac-proxy
ports:
- containerPort: 8443
diff --git a/manifests/prometheusOperator-networkPolicy.yaml b/manifests/prometheusOperator-networkPolicy.yaml
index 7d1a975a084a94257b597f64b0312c64d3549e02..8b7c944a7ef96d80169537118f8fe43309654520 100644
--- a/manifests/prometheusOperator-networkPolicy.yaml
+++ b/manifests/prometheusOperator-networkPolicy.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
namespace: monitoring
spec:
diff --git a/manifests/prometheusOperator-prometheusRule.yaml b/manifests/prometheusOperator-prometheusRule.yaml
index aafb5d80e30158816fad3d1222de689dabcc32a4..5e1e9f3d82ecd7c4255410748b632fdb66791987 100644
--- a/manifests/prometheusOperator-prometheusRule.yaml
+++ b/manifests/prometheusOperator-prometheusRule.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
prometheus: k8s
role: alert-rules
name: prometheus-operator-rules
diff --git a/manifests/prometheusOperator-service.yaml b/manifests/prometheusOperator-service.yaml
index d30265a9f17289ea9d18150570da876fdf1720d3..5f11f684c0c5c3c144a4de568400e1c24eb0afca 100644
--- a/manifests/prometheusOperator-service.yaml
+++ b/manifests/prometheusOperator-service.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
namespace: monitoring
spec:
diff --git a/manifests/prometheusOperator-serviceAccount.yaml b/manifests/prometheusOperator-serviceAccount.yaml
index 6367f8e20fa2a9770d4555870f8befebfd9990ed..568e30caedd66e4091d9f4652768eaca88872e1b 100644
--- a/manifests/prometheusOperator-serviceAccount.yaml
+++ b/manifests/prometheusOperator-serviceAccount.yaml
@@ -6,6 +6,6 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
namespace: monitoring
diff --git a/manifests/prometheusOperator-serviceMonitor.yaml b/manifests/prometheusOperator-serviceMonitor.yaml
index 48015856e950cbe0294bafdac764d0b03dec0a43..b8fb5cabf27cb1f17be25c47aa4c446ef40d6e5f 100644
--- a/manifests/prometheusOperator-serviceMonitor.yaml
+++ b/manifests/prometheusOperator-serviceMonitor.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
name: prometheus-operator
namespace: monitoring
spec:
@@ -21,4 +21,4 @@ spec:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.65.2
+ app.kubernetes.io/version: 0.66.0
diff --git a/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml b/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
index 5c8b76db98d5279356448e023bf16c92117f5790..97bde9e7682aebcaf39d2dbc7881754235f81ac2 100644
--- a/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
+++ b/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
@@ -2065,7 +2065,7 @@ spec:
description: Configures AWS's Signature Verification 4 signing process to sign requests.
properties:
accessKey:
- description: AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
+ description: AccessKey is the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -2090,7 +2090,7 @@ spec:
description: RoleArn is the named AWS profile used to authenticate.
type: string
secretKey:
- description: SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
+ description: SecretKey is the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
diff --git a/manifests/setup/0alertmanagerCustomResourceDefinition.yaml b/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
index e334639f40320bc03349dd9aedee41d3ff72590d..f800bebf64fc3997689caab778d0a1913e3b64ce 100644
--- a/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
+++ b/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
@@ -929,6 +929,72 @@ spec:
- key
type: object
x-kubernetes-map-type: atomic
+ smtp:
+ description: Configures global SMTP parameters.
+ properties:
+ authIdentity:
+ description: SMTP Auth using PLAIN
+ type: string
+ authPassword:
+ description: SMTP Auth using LOGIN and PLAIN.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ authSecret:
+ description: SMTP Auth using CRAM-MD5.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ authUsername:
+ description: SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate to the SMTP server.
+ type: string
+ from:
+ description: The default SMTP From header field.
+ type: string
+ hello:
+ description: The default hostname to identify to the SMTP server.
+ type: string
+ requireTLS:
+ description: The default SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints.
+ type: boolean
+ smartHost:
+ description: The default SMTP smarthost used for sending emails.
+ properties:
+ host:
+ description: Defines the host's address, it can be a DNS name or a literal IP address.
+ minLength: 1
+ type: string
+ port:
+ description: Defines the host's port, it can be a literal port number or a port name.
+ minLength: 1
+ type: string
+ required:
+ - host
+ - port
+ type: object
+ type: object
type: object
name:
description: The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules.
@@ -974,6 +1040,9 @@ spec:
type: object
type: array
type: object
+ automountServiceAccountToken:
+ description: 'AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials.'
+ type: boolean
baseImage:
description: 'Base image that is used to deploy pods, without tag. Deprecated: use ''image'' instead'
type: string
@@ -2892,10 +2961,10 @@ spec:
description: Storage is the definition of how storage will be used by the Alertmanager instances.
properties:
disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
+ description: '*Deprecated: subPath usage will be removed in a future release.*'
type: boolean
emptyDir:
- description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
+ description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
@@ -2909,7 +2978,7 @@ spec:
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
+ description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@@ -3044,7 +3113,7 @@ spec:
type: object
type: object
volumeClaimTemplate:
- description: A PVC spec to be used by the StatefulSet. The easiest way to use a volume that cannot be automatically provisioned (for whatever reason) is to use a label selector alongside manually created PersistentVolumes.
+ description: Defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
@@ -3070,7 +3139,7 @@ spec:
type: string
type: object
spec:
- description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: 'Defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -3192,7 +3261,7 @@ spec:
type: string
type: object
status:
- description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
diff --git a/manifests/setup/0prometheusCustomResourceDefinition.yaml b/manifests/setup/0prometheusCustomResourceDefinition.yaml
index 7cbc645710e1e17a3d4e5204e8e101bbb8849e3a..d48961ea494fb27d4a1d931424abcc625f325404 100644
--- a/manifests/setup/0prometheusCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusCustomResourceDefinition.yaml
@@ -62,7 +62,7 @@ spec:
description: 'Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
additionalAlertManagerConfigs:
- description: 'AdditionalAlertManagerConfigs allows specifying a key of a Secret containing additional Prometheus AlertManager configurations. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.'
+ description: "AdditionalAlertManagerConfigs specifies a key of a Secret containing additional Prometheus Alertmanager configurations. The Alertmanager configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official Prometheus documentation: \n https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config \n The user is responsible for making sure that the configurations are valid \n Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade."
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -78,7 +78,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
additionalAlertRelabelConfigs:
- description: 'AdditionalAlertRelabelConfigs allows specifying a key of a Secret containing additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade.'
+ description: "AdditionalAlertRelabelConfigs specifies a key of a Secret containing additional Prometheus alert relabel configurations. The alert relabel configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official Prometheus documentation: \n https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs \n The user is responsible for making sure that the configurations are valid \n Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade."
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -94,7 +94,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
additionalArgs:
- description: AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
+ description: "AdditionalArgs allows setting additional arguments for the 'prometheus' container. \n It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. \n In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged."
items:
description: Argument as part of the AdditionalArgs list.
properties:
@@ -126,7 +126,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
affinity:
- description: If specified, the pod's scheduling constraints.
+ description: Defines the Pods' affinity scheduling rules if specified.
properties:
nodeAffinity:
description: Describes node affinity scheduling rules for the pod.
@@ -598,7 +598,7 @@ spec:
type: object
type: object
alerting:
- description: Define details regarding alerting.
+ description: Defines the settings related to Alertmanager.
properties:
alertmanagers:
description: AlertmanagerEndpoints Prometheus should fire alerts against.
@@ -812,10 +812,10 @@ spec:
- alertmanagers
type: object
allowOverlappingBlocks:
- description: AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental in Prometheus so it may change in any upcoming release.
+ description: "AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. \n *Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are enabled by default.*"
type: boolean
apiserverConfig:
- description: APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
+ description: 'APIServerConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod''s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.'
properties:
authorization:
description: Authorization section for accessing apiserver
@@ -999,13 +999,13 @@ spec:
- host
type: object
arbitraryFSAccessThroughSMs:
- description: ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
+ description: When true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value (e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), a malicious target can get access to the Prometheus service account's token in the Prometheus' scrape request. Setting `spec.arbitraryFSAccessThroughSM` to 'true' would prevent the attack. Users should instead provide the credentials using the `spec.bearerTokenSecret` field.
properties:
deny:
type: boolean
type: object
baseImage:
- description: 'Base image to use for a Prometheus deployment. Deprecated: use ''image'' instead'
+ description: '*Deprecated: use ''spec.image'' instead.*'
type: string
configMaps:
description: ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-<configmap-name>`. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name> in the 'prometheus' container.
@@ -1013,7 +1013,7 @@ spec:
type: string
type: array
containers:
- description: 'Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
+ description: "Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. \n The names of containers managed by the operator are: * `prometheus` * `config-reloader` * `thanos-sidecar` \n Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice."
items:
description: A single application container that you want to run within a pod.
properties:
@@ -1831,53 +1831,53 @@ spec:
type: object
type: array
disableCompaction:
- description: Disable prometheus compaction.
+ description: When true, the Prometheus compaction is disabled.
type: boolean
enableAdminAPI:
- description: 'Enable access to prometheus web admin API. Defaults to the value of `false`. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis'
+ description: "Enables access to the Prometheus web admin API. \n WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. \n For more information: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis"
type: boolean
enableFeatures:
- description: Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
+ description: "Enable access to Prometheus feature flags. By default, no features are enabled. \n Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. \n For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/"
items:
type: string
type: array
enableRemoteWriteReceiver:
- description: 'Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.'
+ description: "Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. \n WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver \n It requires Prometheus >= v2.33.0."
type: boolean
enforcedBodySizeLimit:
- description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.'
+ description: "When defined, enforcedBodySizeLimit specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. \n It requires Prometheus >= v2.28.0."
pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
type: string
enforcedLabelLimit:
- description: Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When defined, enforcedLabelLimit specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedLabelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When defined, enforcedLabelNameLengthLimit specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedLabelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When not null, enforcedLabelValueLengthLimit defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedNamespaceLabel:
- description: "EnforcedNamespaceLabel If set, a label will be added to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and 2. in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to * alerting & recording rules and * the metrics used in their expressions (`expr`). \n Label name is this field's value. Label value is the namespace of the created object (mentioned above)."
+ description: "When not empty, a label will be added to \n 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. 3. All alerts generated from alerting rules defined in `PrometheusRule` objects. 4. All vector selectors of PromQL expressions defined in `PrometheusRule` objects. \n The label will not added for objects referenced in `spec.excludedFromEnforcement`. \n The label's name is this field's value. The label's value is the namespace of the `ServiceMonitor`, `PodMonitor`, `Probe` or `PrometheusRule` object."
type: string
enforcedSampleLimit:
- description: EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
+ description: "When defined, enforcedSampleLimit specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than than `spec.enforcedSampleLimit`. \n It is meant to be used by admins to keep the overall number of samples/series under a desired limit."
format: int64
type: integer
enforcedTargetLimit:
- description: EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
+ description: "When defined, enforcedTargetLimit specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. \n It is meant to be used by admins to to keep the overall number of targets under a desired limit."
format: int64
type: integer
evaluationInterval:
default: 30s
- description: 'Interval between consecutive evaluations. Default: `30s`'
+ description: 'Interval between rule evaluations. Default: "30s"'
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
excludedFromEnforcement:
- description: List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
+ description: "List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. \n It is only applicable if `spec.enforcedNamespaceLabel` set to true."
items:
description: ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.
properties:
@@ -1888,7 +1888,7 @@ spec:
- monitoring.coreos.com
type: string
name:
- description: Name of the referent. When not set, all resources are matched.
+ description: Name of the referent. When not set, all resources in the namespace are matched.
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
@@ -1908,7 +1908,7 @@ spec:
type: object
type: array
exemplars:
- description: Exemplars related settings that are runtime reloadable. It requires to enable the exemplar storage feature to be effective.
+ description: Exemplars related settings that are runtime reloadable. It requires to enable the `exemplar-storage` feature flag to be effective.
properties:
maxSize:
description: Maximum number of exemplars stored in memory for all series. If not set, Prometheus uses its default value. A value of zero or less than zero disables the storage.
@@ -1918,13 +1918,13 @@ spec:
externalLabels:
additionalProperties:
type: string
- description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
+ description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list.
type: object
externalUrl:
- description: The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
+ description: The external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource).
type: string
hostAliases:
- description: Pods' hostAliases configuration
+ description: Optional list of hosts and IPs that will be injected into the Pod's hosts file if specified.
items:
description: HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
properties:
@@ -1945,13 +1945,13 @@ spec:
- ip
x-kubernetes-list-type: map
hostNetwork:
- description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
+ description: "Use the host's network namespace if true. \n Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/). \n When hostNetwork is enabled, this will set the DNS policy to `ClusterFirstWithHostNet` automatically."
type: boolean
ignoreNamespaceSelectors:
- description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
+ description: When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe objec.
type: boolean
image:
- description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
+ description: "Container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. \n Specifying `spec.version` is still necessary to ensure the Prometheus Operator knows which version of Prometheus is being configured. \n If neither `spec.image` nor `spec.baseImage` are defined, the operator will use the latest upstream version of Prometheus available at the time when the operator was released."
type: string
imagePullPolicy:
description: Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
@@ -1962,7 +1962,7 @@ spec:
- IfNotPresent
type: string
imagePullSecrets:
- description: An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
+ description: An optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
items:
description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
properties:
@@ -1973,7 +1973,7 @@ spec:
x-kubernetes-map-type: atomic
type: array
initContainers:
- description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
+ description: "InitContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. \n The names of init container name managed by the operator are: * `init-config-reloader`. \n Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice."
items:
description: A single application container that you want to run within a pod.
properties:
@@ -2791,17 +2791,17 @@ spec:
type: object
type: array
listenLocal:
- description: ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
+ description: When true, the Prometheus server listens on the loopback address instead of the Pod IP's address.
type: boolean
logFormat:
- description: Log format for Prometheus to be configured with.
+ description: Log format for Log level for Prometheus and the config-reloader sidecar.
enum:
- ""
- logfmt
- json
type: string
logLevel:
- description: Log level for Prometheus to be configured with.
+ description: Log level for Prometheus and the config-reloader sidecar.
enum:
- ""
- debug
@@ -2810,13 +2810,13 @@ spec:
- error
type: string
minReadySeconds:
- description: Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
+ description: "Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) \n This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate."
format: int32
type: integer
nodeSelector:
additionalProperties:
type: string
- description: Define which Nodes the Pods are scheduled on.
+ description: Defines on which Nodes the Pods are scheduled.
type: object
overrideHonorLabels:
description: When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to "exported_<label value>" for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
@@ -2828,7 +2828,7 @@ spec:
description: When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
type: boolean
podMetadata:
- description: PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
+ description: PodMetadata configures labels and annotations which are propagated to the Prometheus pods.
properties:
annotations:
additionalProperties:
@@ -2845,7 +2845,7 @@ spec:
type: string
type: object
podMonitorNamespaceSelector:
- description: Namespace's labels to match for PodMonitor discovery. If nil, only check own namespace.
+ description: Namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2876,7 +2876,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
podMonitorSelector:
- description: "*Experimental* PodMonitors to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* PodMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2907,19 +2907,19 @@ spec:
type: object
x-kubernetes-map-type: atomic
podTargetLabels:
- description: PodTargetLabels are added to all Pod/ServiceMonitors' podTargetLabels
+ description: PodTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects.
items:
type: string
type: array
portName:
default: web
- description: Port name used for the pods and governing service. Defaults to `web`.
+ description: 'Port name used for the pods and governing service. Default: "web"'
type: string
priorityClassName:
- description: Priority class assigned to the Pods
+ description: Priority class assigned to the Pods.
type: string
probeNamespaceSelector:
- description: '*Experimental* Namespaces to be selected for Probe discovery. If nil, only check own namespace.'
+ description: '*Experimental* Namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.'
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2950,7 +2950,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
probeSelector:
- description: "*Experimental* Probes to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* Probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2981,18 +2981,18 @@ spec:
type: object
x-kubernetes-map-type: atomic
prometheusExternalLabelName:
- description: Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will _not_ be added when value is set to empty string (`""`).
+ description: "Name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`\"\"`). \n Default: \"prometheus\""
type: string
prometheusRulesExcludedFromEnforce:
- description: 'PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair. Deprecated: use excludedFromEnforcement instead.'
+ description: 'Defines the list of PrometheusRule objects to which the namespace label enforcement doesn''t apply. This is only relevant when `spec.enforcedNamespaceLabel` is set to true. *Deprecated: use `spec.excludedFromEnforcement` instead.*'
items:
description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
properties:
ruleName:
- description: RuleNamespace - name of excluded rule
+ description: Name of the excluded PrometheusRule object.
type: string
ruleNamespace:
- description: RuleNamespace - namespace of excluded rule
+ description: Namespace of the excluded PrometheusRule object.
type: string
required:
- ruleName
@@ -3000,7 +3000,7 @@ spec:
type: object
type: array
query:
- description: QuerySpec defines the query command line flags when starting Prometheus.
+ description: QuerySpec defines the configuration of the Promethus query service.
properties:
lookbackDelta:
description: The delta difference allowed for retrieving metrics during expression evaluations.
@@ -3020,15 +3020,15 @@ spec:
type: string
type: object
queryLogFile:
- description: QueryLogFile specifies the file to which PromQL queries are logged. If the filename has an empty path, e.g. 'query.log', prometheus-operator will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log, you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a stdout location such as `/dev/stdout` to log query information to the default Prometheus log stream. This is only available in versions of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
+ description: "queryLogFile specifies where the file to which PromQL queries are logged. \n If the filename has an empty path, e.g. 'query.log', The Prometheus Pods will mount the file into an emptyDir volume at `/var/log/prometheus`. If a full path is provided, e.g. '/var/log/prometheus/query.log', you must mount a volume in the specified directory and it must be writable. This is because the prometheus container runs with a read-only root filesystem for security reasons. Alternatively, the location can be set to a standard I/O stream, e.g. `/dev/stdout`, to log query information to the default Prometheus log stream."
type: string
remoteRead:
- description: remoteRead is the list of remote read configurations.
+ description: Defines the list of remote read configurations.
items:
description: RemoteReadSpec defines the configuration for Prometheus to read back samples from a remote endpoint.
properties:
authorization:
- description: Authorization section for remote read
+ description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `basicAuth`, or `oauth2`."
properties:
credentials:
description: The secret's key that contains the credentials of the request
@@ -3054,7 +3054,7 @@ spec:
type: string
type: object
basicAuth:
- description: BasicAuth for the URL.
+ description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `authorization`, or `oauth2`."
properties:
password:
description: The secret in the service monitor namespace that contains the password for authentication.
@@ -3090,16 +3090,16 @@ spec:
x-kubernetes-map-type: atomic
type: object
bearerToken:
- description: Bearer token for remote read.
+ description: "*Warning: this field shouldn't used because the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*"
type: string
bearerTokenFile:
- description: File to read bearer token for remote read.
+ description: "File from which to read bearer token for the URL. \n *Deprecated: this will be removed in a future release. Prefer using `authorization`.*"
type: string
filterExternalLabels:
- description: Whether to use the external labels as selectors for the remote read endpoint. Requires Prometheus v2.34.0 and above.
+ description: "Whether to use the external labels as selectors for the remote read endpoint. \n It requires Prometheus >= v2.34.0."
type: boolean
followRedirects:
- description: Configure whether HTTP requests follow HTTP 3xx redirects. Requires Prometheus v2.26.0 and above.
+ description: "Configure whether HTTP requests follow HTTP 3xx redirects. \n It requires Prometheus >= v2.26.0."
type: boolean
headers:
additionalProperties:
@@ -3107,10 +3107,10 @@ spec:
description: Custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.26.0 and newer.
type: object
name:
- description: The name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. Only valid in Prometheus versions 2.15.0 and newer.
+ description: "The name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. \n It requires Prometheus >= v2.15.0."
type: string
oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `authorization`, or `basicAuth`."
properties:
clientId:
description: The secret or configmap containing the OAuth2 client id
@@ -3199,7 +3199,7 @@ spec:
description: An optional list of equality matchers which have to be present in a selector to query the remote read endpoint.
type: object
tlsConfig:
- description: TLS Config to use for remote read.
+ description: TLS Config to use for the URL.
properties:
ca:
description: Certificate authority used when verifying server certificates.
@@ -3313,12 +3313,12 @@ spec:
type: object
type: array
remoteWrite:
- description: remoteWrite is the list of remote write configurations.
+ description: Defines the list of remote write configurations.
items:
description: RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
properties:
authorization:
- description: Authorization section for remote write
+ description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, or `oauth2`."
properties:
credentials:
description: The secret's key that contains the credentials of the request
@@ -3344,7 +3344,7 @@ spec:
type: string
type: object
basicAuth:
- description: BasicAuth for the URL.
+ description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, or `oauth2`."
properties:
password:
description: The secret in the service monitor namespace that contains the password for authentication.
@@ -3380,15 +3380,15 @@ spec:
x-kubernetes-map-type: atomic
type: object
bearerToken:
- description: Bearer token for remote write.
+ description: "*Warning: this field shouldn't used because the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*"
type: string
bearerTokenFile:
- description: File to read bearer token for remote write.
+ description: "File from which to read bearer token for the URL. \n *Deprecated: this will be removed in a future release. Prefer using `authorization`.*"
type: string
headers:
additionalProperties:
type: string
- description: Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.25.0 and newer.
+ description: "Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. \n It requires Prometheus >= v2.25.0."
type: object
metadataConfig:
description: MetadataConfig configures the sending of series metadata to the remote storage.
@@ -3402,10 +3402,10 @@ spec:
type: string
type: object
name:
- description: The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer.
+ description: "The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. \n It requires Prometheus >= v2.15.0."
type: string
oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, or `basicAuth`."
properties:
clientId:
description: The secret or configmap containing the OAuth2 client id
@@ -3517,16 +3517,16 @@ spec:
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
sendExemplars:
- description: Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the enableFeature option for exemplars to be scraped in the first place. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeature` option for exemplars to be scraped in the first place. \n It requires Prometheus >= v2.27.0."
type: boolean
sendNativeHistograms:
- description: Enables sending of native histograms, also known as sparse histograms over remote write. Only valid in Prometheus versions 2.40.0 and newer.
+ description: "Enables sending of native histograms, also known as sparse histograms over remote write. \n It requires Prometheus >= v2.40.0."
type: boolean
sigv4:
- description: Sigv4 allows to configures AWS's Signature Verification 4
+ description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, or `oauth2`."
properties:
accessKey:
- description: AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
+ description: AccessKey is the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -3551,7 +3551,7 @@ spec:
description: RoleArn is the named AWS profile used to authenticate.
type: string
secretKey:
- description: SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
+ description: SecretKey is the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -3568,7 +3568,7 @@ spec:
x-kubernetes-map-type: atomic
type: object
tlsConfig:
- description: TLS Config to use for remote write.
+ description: TLS Config to use for the URL.
properties:
ca:
description: Certificate authority used when verifying server certificates.
@@ -3739,14 +3739,14 @@ spec:
type: object
type: array
replicaExternalLabelName:
- description: Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will _not_ be added when value is set to empty string (`""`).
+ description: "Name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`\"\"`). \n Default: \"prometheus_replica\""
type: string
replicas:
- description: Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
+ description: "Number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. \n Default: 1"
format: int32
type: integer
resources:
- description: Define resources requests and limits for single Pods.
+ description: Defines the resources requests and limits of the 'prometheus' container.
properties:
claims:
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
@@ -3783,18 +3783,18 @@ spec:
type: object
type: object
retention:
- description: Time duration Prometheus shall retain data for. Default is '24h' if retentionSize is not set, and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years).
+ description: "How long to retain the Prometheus data. \n Default: \"24h\" if `spec.retention` and `spec.retentionSize` are empty."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
retentionSize:
- description: Maximum amount of disk space used by blocks.
+ description: Maximum number of bytes used by the Prometheus data.
pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
type: string
routePrefix:
- description: The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
+ description: "The route prefix Prometheus registers HTTP handlers for. \n This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`."
type: string
ruleNamespaceSelector:
- description: Namespaces to be selected for PrometheusRules discovery. If unspecified, only the same namespace as the Prometheus object is in is used.
+ description: Namespaces to match for PrometheusRule discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3825,7 +3825,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
ruleSelector:
- description: A selector to select which PrometheusRules to mount for loading alerting/recording rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated.
+ description: PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3856,7 +3856,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
rules:
- description: /--rules.*/ command-line arguments.
+ description: Defines the configuration of the Prometheus rules' engine.
properties:
alert:
description: /--rules.alert.*/ command-line arguments
@@ -3873,7 +3873,7 @@ spec:
type: object
type: object
scrapeConfigNamespaceSelector:
- description: Namespace's labels to match for ScrapeConfig discovery. If nil, only check own namespace.
+ description: Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3904,7 +3904,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
scrapeConfigSelector:
- description: "*Experimental* ScrapeConfigs to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* ScrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3936,11 +3936,11 @@ spec:
x-kubernetes-map-type: atomic
scrapeInterval:
default: 30s
- description: 'Interval between consecutive scrapes. Default: `30s`'
+ description: "Interval between consecutive scrapes. \n Default: \"30s\""
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
scrapeTimeout:
- description: Number of seconds to wait for target to respond before erroring.
+ description: Number of seconds to wait until a scrape request times out.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
secrets:
@@ -4040,7 +4040,7 @@ spec:
description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
type: string
serviceMonitorNamespaceSelector:
- description: Namespace's labels to match for ServiceMonitor discovery. If nil, only check own namespace.
+ description: Namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -4071,7 +4071,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
serviceMonitorSelector:
- description: "ServiceMonitors to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "ServiceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -4102,20 +4102,20 @@ spec:
type: object
x-kubernetes-map-type: atomic
sha:
- description: 'SHA of Prometheus container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.'
+ description: '*Deprecated: use ''spec.image'' instead. The image''s digest can be specified as part of the image name.*'
type: string
shards:
- description: 'EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.'
+ description: "EXPERIMENTAL: Number of shards to distribute targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. \n Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use Thanos sidecar and Thanos querier or remote write data to a central location. \n Sharding is performed on the content of the `__address__` target meta-label for PodMonitors and ServiceMonitors and `__param_target__` for Probes. \n Default: 1"
format: int32
type: integer
storage:
- description: Storage spec to specify how storage shall be used.
+ description: Storage defines the storage used by Prometheus.
properties:
disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
+ description: '*Deprecated: subPath usage will be removed in a future release.*'
type: boolean
emptyDir:
- description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
+ description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
@@ -4129,7 +4129,7 @@ spec:
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
+ description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@@ -4264,7 +4264,7 @@ spec:
type: object
type: object
volumeClaimTemplate:
- description: A PVC spec to be used by the StatefulSet. The easiest way to use a volume that cannot be automatically provisioned (for whatever reason) is to use a label selector alongside manually created PersistentVolumes.
+ description: Defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
@@ -4290,7 +4290,7 @@ spec:
type: string
type: object
spec:
- description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: 'Defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -4412,7 +4412,7 @@ spec:
type: string
type: object
status:
- description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -4476,13 +4476,13 @@ spec:
type: object
type: object
tag:
- description: 'Tag of Prometheus container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.'
+ description: '*Deprecated: use ''spec.image'' instead. The image''s tag can be specified as part of the image name.*'
type: string
thanos:
- description: "Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. \n This section is experimental, it may change significantly without deprecation notice in any release."
+ description: "Defines the configuration of the optional Thanos sidecar. \n This section is experimental, it may change significantly without deprecation notice in any release."
properties:
additionalArgs:
- description: AdditionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
+ description: AdditionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged.
items:
description: Argument as part of the AdditionalArgs list.
properties:
@@ -4498,11 +4498,11 @@ spec:
type: object
type: array
baseImage:
- description: 'Thanos base image if other than default. Deprecated: use ''image'' instead'
+ description: '*Deprecated: use ''image'' instead.*'
type: string
blockSize:
default: 2h
- description: 'BlockDuration controls the size of TSDB blocks produced by Prometheus. Default is 2h to match the upstream Prometheus defaults. WARNING: Changing the block duration can impact the performance and efficiency of the entire Prometheus/Thanos stack due to how it interacts with memory and Thanos compactors. It is recommended to keep this value set to a multiple of 120 times your longest scrape or rule interval. For example, 30s * 120 = 1h.'
+ description: "BlockDuration controls the size of TSDB blocks produced by Prometheus. The default value is 2h to match the upstream Prometheus defaults. \n WARNING: Changing the block duration can impact the performance and efficiency of the entire Prometheus/Thanos stack due to how it interacts with memory and Thanos compactors. It is recommended to keep this value set to a multiple of 120 times your longest scrape or rule interval. For example, 30s * 120 = 1h."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
getConfigInterval:
@@ -4514,10 +4514,10 @@ spec:
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
grpcListenLocal:
- description: If true, the Thanos sidecar listens on the loopback interface for the gRPC endpoints. It has no effect if `listenLocal` is true.
+ description: "When true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the gRPC endpoints. \n It has no effect if `listenLocal` is true."
type: boolean
grpcServerTlsConfig:
- description: 'GRPCServerTLSConfig configures the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ''--grpc-server-tls-*'' CLI args.'
+ description: "Configures the TLS parameters for the gRPC server providing the StoreAPI. \n Note: Currently only the `caFile`, `certFile`, and `keyFile` fields are supported."
properties:
ca:
description: Certificate authority used when verifying server certificates.
@@ -4624,23 +4624,23 @@ spec:
type: string
type: object
httpListenLocal:
- description: If true, the Thanos sidecar listens on the loopback interface for the HTTP endpoints. It has no effect if `listenLocal` is true.
+ description: "When true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the HTTP endpoints. \n It has no effect if `listenLocal` is true."
type: boolean
image:
- description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Thanos is being configured.
+ description: "Container image name for Thanos. If specified, it takes precedence over the `spec.thanos.baseImage`, `spec.thanos.tag` and `spec.thanos.sha` fields. \n Specifying `spec.thanos.version` is still necessary to ensure the Prometheus Operator knows which version of Thanos is being configured. \n If neither `spec.thanos.image` nor `spec.thanos.baseImage` are defined, the operator will use the latest upstream version of Thanos available at the time when the operator was released."
type: string
listenLocal:
- description: 'If true, the Thanos sidecar listens on the loopback interface for the HTTP and gRPC endpoints. It takes precedence over `grpcListenLocal` and `httpListenLocal`. Deprecated: use `grpcListenLocal` and `httpListenLocal` instead.'
+ description: '*Deprecated: use `grpcListenLocal` and `httpListenLocal` instead.*'
type: boolean
logFormat:
- description: LogFormat for Thanos sidecar to be configured with.
+ description: Log format for the Thanos sidecar.
enum:
- ""
- logfmt
- json
type: string
logLevel:
- description: LogLevel for Thanos sidecar to be configured with.
+ description: Log level for the Thanos sidecar.
enum:
- ""
- debug
@@ -4649,10 +4649,10 @@ spec:
- error
type: string
minTime:
- description: MinTime for Thanos sidecar to be configured with. Option can be a constant time in RFC3339 format or time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y.
+ description: Defines the start of time range limit served by the Thanos sidecar's StoreAPI. The field's value should be a constant time in RFC3339 format or a time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y.
type: string
objectStorageConfig:
- description: ObjectStorageConfig configures object storage in Thanos. Alternative to ObjectStorageConfigFile, and lower order priority.
+ description: "Defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. \n More info: https://thanos.io/tip/thanos/storage.md/ \n objectStorageConfigFile takes precedence over this field."
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -4668,14 +4668,14 @@ spec:
type: object
x-kubernetes-map-type: atomic
objectStorageConfigFile:
- description: ObjectStorageConfigFile specifies the path of the object storage configuration file. When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
+ description: "Defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. \n More info: https://thanos.io/tip/thanos/storage.md/ \n This field takes precedence over objectStorageConfig."
type: string
readyTimeout:
- description: ReadyTimeout is the maximum time Thanos sidecar will wait for Prometheus to start. Eg 10m
+ description: ReadyTimeout is the maximum time that the Thanos sidecar will wait for Prometheus to start.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
resources:
- description: Resources defines the resource requirements for the Thanos sidecar. If not provided, no requests/limits will be set
+ description: Defines the resources requests and limits of the Thanos sidecar.
properties:
claims:
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
@@ -4712,13 +4712,13 @@ spec:
type: object
type: object
sha:
- description: 'SHA of Thanos container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use ''image'' instead. The image digest can be specified as part of the image URL.'
+ description: '*Deprecated: use ''image'' instead. The image digest can be specified as part of the image name.*'
type: string
tag:
- description: 'Tag of Thanos sidecar container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use ''image'' instead. The image tag can be specified as part of the image URL.'
+ description: '*Deprecated: use ''image'' instead. The image''s tag can be specified as part of the image name.*'
type: string
tracingConfig:
- description: TracingConfig configures tracing in Thanos. This is an experimental feature, it may change in any upcoming release in a breaking way.
+ description: "Defines the tracing configuration for the Thanos sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This is an experimental feature, it may change in any upcoming release in a breaking way. \n tracingConfigFile takes precedence over this field."
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -4734,13 +4734,13 @@ spec:
type: object
x-kubernetes-map-type: atomic
tracingConfigFile:
- description: TracingConfig specifies the path of the tracing configuration file. When used alongside with TracingConfig, TracingConfigFile takes precedence.
+ description: "Defines the tracing configuration file for the Thanos sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This is an experimental feature, it may change in any upcoming release in a breaking way. \n This field takes precedence over tracingConfig."
type: string
version:
- description: Version describes the version of Thanos to use.
+ description: "Version of Thanos being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. \n If not specified, the operator assumes the latest upstream release of Thanos available at the time when the version of the operator was released."
type: string
volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the thanos-sidecar container.
+ description: VolumeMounts allows configuration of additional VolumeMounts for Thanos. VolumeMounts specified will be appended to other VolumeMounts in the 'thanos-sidecar' container.
items:
description: VolumeMount describes a mounting of a Volume within a container.
properties:
@@ -4769,7 +4769,7 @@ spec:
type: array
type: object
tolerations:
- description: If specified, the pod's tolerations.
+ description: Defines the Pods' tolerations if specified.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
@@ -4792,7 +4792,7 @@ spec:
type: object
type: array
topologySpreadConstraints:
- description: If specified, the pod's topology spread constraints.
+ description: Defines the pod's topology spread constraints if specified.
items:
description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
properties:
@@ -4860,21 +4860,22 @@ spec:
type: object
type: array
tracingConfig:
- description: TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way.
+ description: 'EXPERIMENTAL: TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way.'
properties:
clientType:
- description: Client used to export the traces. Options are "http" or "grpc".
+ description: Client used to export the traces. Supported values are `http` or `grpc`.
enum:
- http
- grpc
type: string
compression:
- description: 'Compression key for supported compression types. Supported compression: gzip'
+ description: Compression key for supported compression types. The only supported value is `gzip`.
enum:
- gzip
type: string
endpoint:
description: Endpoint to send the traces to. Should be provided in format <host>:<port>.
+ minLength: 1
type: string
headers:
additionalProperties:
@@ -4892,7 +4893,7 @@ spec:
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
timeout:
- description: Maximum time the exporter will wait for each batch export. Default '10s'
+ description: Maximum time the exporter will wait for each batch export.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
tlsConfig:
@@ -5014,10 +5015,10 @@ spec:
type: string
type: object
version:
- description: Version of Prometheus to be deployed.
+ description: "Version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. \n If not specified, the operator assumes the latest upstream version of Prometheus available at the time when the version of the operator was released."
type: string
volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
+ description: "VolumeMounts allows the configuration of additional VolumeMounts. \n VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects."
items:
description: VolumeMount describes a mounting of a Volume within a container.
properties:
@@ -5045,7 +5046,7 @@ spec:
type: object
type: array
volumes:
- description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
+ description: Volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
items:
description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
properties:
@@ -5996,10 +5997,10 @@ spec:
type: object
type: array
walCompression:
- description: Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
+ description: "Configures compression of the write-ahead log (WAL) using Snappy. \n WAL compression is enabled by default for Prometheus >= 2.20.0 \n Requires Prometheus v2.11.0 and above."
type: boolean
web:
- description: Defines the web command line flags when starting Prometheus.
+ description: Defines the configuration of the Prometheus web server.
properties:
httpConfig:
description: Defines HTTP parameters for web server.
@@ -6040,7 +6041,7 @@ spec:
minimum: 0
type: integer
pageTitle:
- description: The prometheus web page title
+ description: The prometheus web page title.
type: string
tlsConfig:
description: Defines the TLS parameters for HTTPS.
diff --git a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
index e4f86cbbf4bf1ea838819c721aa343ea0a9e4816..652abc953d00907629b38b06f75997146d8e4049 100644
--- a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
@@ -62,7 +62,7 @@ spec:
description: 'Specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
properties:
additionalArgs:
- description: AdditionalArgs allows setting additional arguments for the Prometheus container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged.
+ description: "AdditionalArgs allows setting additional arguments for the 'prometheus' container. \n It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. \n In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged."
items:
description: Argument as part of the AdditionalArgs list.
properties:
@@ -94,7 +94,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
affinity:
- description: If specified, the pod's scheduling constraints.
+ description: Defines the Pods' affinity scheduling rules if specified.
properties:
nodeAffinity:
description: Describes node affinity scheduling rules for the pod.
@@ -566,7 +566,7 @@ spec:
type: object
type: object
apiserverConfig:
- description: APIServerConfig allows specifying a host and auth methods to access apiserver. If left empty, Prometheus is assumed to run inside of the cluster and will discover API servers automatically and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
+ description: 'APIServerConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod''s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.'
properties:
authorization:
description: Authorization section for accessing apiserver
@@ -750,7 +750,7 @@ spec:
- host
type: object
arbitraryFSAccessThroughSMs:
- description: ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files on the file system of the Prometheus container e.g. bearer token files.
+ description: When true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value (e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), a malicious target can get access to the Prometheus service account's token in the Prometheus' scrape request. Setting `spec.arbitraryFSAccessThroughSM` to 'true' would prevent the attack. Users should instead provide the credentials using the `spec.bearerTokenSecret` field.
properties:
deny:
type: boolean
@@ -761,7 +761,7 @@ spec:
type: string
type: array
containers:
- description: 'Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a Prometheus pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The current container names are: `prometheus`, `config-reloader`, and `thanos-sidecar`. Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
+ description: "Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. \n The names of containers managed by the operator are: * `prometheus` * `config-reloader` * `thanos-sidecar` \n Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice."
items:
description: A single application container that you want to run within a pod.
properties:
@@ -1579,42 +1579,42 @@ spec:
type: object
type: array
enableFeatures:
- description: Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
+ description: "Enable access to Prometheus feature flags. By default, no features are enabled. \n Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. \n For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/"
items:
type: string
type: array
enableRemoteWriteReceiver:
- description: 'Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer.'
+ description: "Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. \n WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver \n It requires Prometheus >= v2.33.0."
type: boolean
enforcedBodySizeLimit:
- description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer.'
+ description: "When defined, enforcedBodySizeLimit specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. \n It requires Prometheus >= v2.28.0."
pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
type: string
enforcedLabelLimit:
- description: Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When defined, enforcedLabelLimit specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedLabelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When defined, enforcedLabelNameLengthLimit specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedLabelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "When not null, enforcedLabelValueLengthLimit defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
enforcedNamespaceLabel:
- description: "EnforcedNamespaceLabel If set, a label will be added to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and 2. in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to * alerting & recording rules and * the metrics used in their expressions (`expr`). \n Label name is this field's value. Label value is the namespace of the created object (mentioned above)."
+ description: "When not empty, a label will be added to \n 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. 3. All alerts generated from alerting rules defined in `PrometheusRule` objects. 4. All vector selectors of PromQL expressions defined in `PrometheusRule` objects. \n The label will not added for objects referenced in `spec.excludedFromEnforcement`. \n The label's name is this field's value. The label's value is the namespace of the `ServiceMonitor`, `PodMonitor`, `Probe` or `PrometheusRule` object."
type: string
enforcedSampleLimit:
- description: EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
+ description: "When defined, enforcedSampleLimit specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than than `spec.enforcedSampleLimit`. \n It is meant to be used by admins to keep the overall number of samples/series under a desired limit."
format: int64
type: integer
enforcedTargetLimit:
- description: EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
+ description: "When defined, enforcedTargetLimit specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. \n It is meant to be used by admins to to keep the overall number of targets under a desired limit."
format: int64
type: integer
excludedFromEnforcement:
- description: List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true.
+ description: "List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. \n It is only applicable if `spec.enforcedNamespaceLabel` set to true."
items:
description: ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.
properties:
@@ -1625,7 +1625,7 @@ spec:
- monitoring.coreos.com
type: string
name:
- description: Name of the referent. When not set, all resources are matched.
+ description: Name of the referent. When not set, all resources in the namespace are matched.
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
@@ -1647,13 +1647,13 @@ spec:
externalLabels:
additionalProperties:
type: string
- description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager).
+ description: The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list.
type: object
externalUrl:
- description: The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name.
+ description: The external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource).
type: string
hostAliases:
- description: Pods' hostAliases configuration
+ description: Optional list of hosts and IPs that will be injected into the Pod's hosts file if specified.
items:
description: HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file.
properties:
@@ -1674,13 +1674,13 @@ spec:
- ip
x-kubernetes-list-type: map
hostNetwork:
- description: Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
+ description: "Use the host's network namespace if true. \n Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/). \n When hostNetwork is enabled, this will set the DNS policy to `ClusterFirstWithHostNet` automatically."
type: boolean
ignoreNamespaceSelectors:
- description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within the namespace of the PodMonitor, ServiceMonitor and Probe objects. Defaults to false.
+ description: When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe objec.
type: boolean
image:
- description: Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Prometheus is being configured.
+ description: "Container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. \n Specifying `spec.version` is still necessary to ensure the Prometheus Operator knows which version of Prometheus is being configured. \n If neither `spec.image` nor `spec.baseImage` are defined, the operator will use the latest upstream version of Prometheus available at the time when the operator was released."
type: string
imagePullPolicy:
description: Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details.
@@ -1691,7 +1691,7 @@ spec:
- IfNotPresent
type: string
imagePullSecrets:
- description: An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
+ description: An optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
items:
description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
properties:
@@ -1702,7 +1702,7 @@ spec:
x-kubernetes-map-type: atomic
type: array
initContainers:
- description: 'InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The current init container name is: `init-config-reloader`. Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice.'
+ description: "InitContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. \n The names of init container name managed by the operator are: * `init-config-reloader`. \n Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice."
items:
description: A single application container that you want to run within a pod.
properties:
@@ -2520,17 +2520,17 @@ spec:
type: object
type: array
listenLocal:
- description: ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
+ description: When true, the Prometheus server listens on the loopback address instead of the Pod IP's address.
type: boolean
logFormat:
- description: Log format for Prometheus to be configured with.
+ description: Log format for Log level for Prometheus and the config-reloader sidecar.
enum:
- ""
- logfmt
- json
type: string
logLevel:
- description: Log level for Prometheus to be configured with.
+ description: Log level for Prometheus and the config-reloader sidecar.
enum:
- ""
- debug
@@ -2539,13 +2539,13 @@ spec:
- error
type: string
minReadySeconds:
- description: Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate.
+ description: "Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) \n This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate."
format: int32
type: integer
nodeSelector:
additionalProperties:
type: string
- description: Define which Nodes the Pods are scheduled on.
+ description: Defines on which Nodes the Pods are scheduled.
type: object
overrideHonorLabels:
description: When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to "exported_<label value>" for all targets created from service and pod monitors. Otherwise the HonorLabels field of the service or pod monitor applies.
@@ -2557,7 +2557,7 @@ spec:
description: When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects.
type: boolean
podMetadata:
- description: PodMetadata configures Labels and Annotations which are propagated to the prometheus pods.
+ description: PodMetadata configures labels and annotations which are propagated to the Prometheus pods.
properties:
annotations:
additionalProperties:
@@ -2574,7 +2574,7 @@ spec:
type: string
type: object
podMonitorNamespaceSelector:
- description: Namespace's labels to match for PodMonitor discovery. If nil, only check own namespace.
+ description: Namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2605,7 +2605,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
podMonitorSelector:
- description: "*Experimental* PodMonitors to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* PodMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2636,19 +2636,19 @@ spec:
type: object
x-kubernetes-map-type: atomic
podTargetLabels:
- description: PodTargetLabels are added to all Pod/ServiceMonitors' podTargetLabels
+ description: PodTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects.
items:
type: string
type: array
portName:
default: web
- description: Port name used for the pods and governing service. Defaults to `web`.
+ description: 'Port name used for the pods and governing service. Default: "web"'
type: string
priorityClassName:
- description: Priority class assigned to the Pods
+ description: Priority class assigned to the Pods.
type: string
probeNamespaceSelector:
- description: '*Experimental* Namespaces to be selected for Probe discovery. If nil, only check own namespace.'
+ description: '*Experimental* Namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.'
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2679,7 +2679,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
probeSelector:
- description: "*Experimental* Probes to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* Probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -2710,15 +2710,15 @@ spec:
type: object
x-kubernetes-map-type: atomic
prometheusExternalLabelName:
- description: Name of Prometheus external label used to denote Prometheus instance name. Defaults to the value of `prometheus`. External label will _not_ be added when value is set to empty string (`""`).
+ description: "Name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`\"\"`). \n Default: \"prometheus\""
type: string
remoteWrite:
- description: remoteWrite is the list of remote write configurations.
+ description: Defines the list of remote write configurations.
items:
description: RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
properties:
authorization:
- description: Authorization section for remote write
+ description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, or `oauth2`."
properties:
credentials:
description: The secret's key that contains the credentials of the request
@@ -2744,7 +2744,7 @@ spec:
type: string
type: object
basicAuth:
- description: BasicAuth for the URL.
+ description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, or `oauth2`."
properties:
password:
description: The secret in the service monitor namespace that contains the password for authentication.
@@ -2780,15 +2780,15 @@ spec:
x-kubernetes-map-type: atomic
type: object
bearerToken:
- description: Bearer token for remote write.
+ description: "*Warning: this field shouldn't used because the token value appears in clear-text. Prefer using `authorization`.* \n *Deprecated: this will be removed in a future release.*"
type: string
bearerTokenFile:
- description: File to read bearer token for remote write.
+ description: "File from which to read bearer token for the URL. \n *Deprecated: this will be removed in a future release. Prefer using `authorization`.*"
type: string
headers:
additionalProperties:
type: string
- description: Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.25.0 and newer.
+ description: "Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. \n It requires Prometheus >= v2.25.0."
type: object
metadataConfig:
description: MetadataConfig configures the sending of series metadata to the remote storage.
@@ -2802,10 +2802,10 @@ spec:
type: string
type: object
name:
- description: The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. Only valid in Prometheus versions 2.15.0 and newer.
+ description: "The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. \n It requires Prometheus >= v2.15.0."
type: string
oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, or `basicAuth`."
properties:
clientId:
description: The secret or configmap containing the OAuth2 client id
@@ -2917,16 +2917,16 @@ spec:
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
sendExemplars:
- description: Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the enableFeature option for exemplars to be scraped in the first place. Only valid in Prometheus versions 2.27.0 and newer.
+ description: "Enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeature` option for exemplars to be scraped in the first place. \n It requires Prometheus >= v2.27.0."
type: boolean
sendNativeHistograms:
- description: Enables sending of native histograms, also known as sparse histograms over remote write. Only valid in Prometheus versions 2.40.0 and newer.
+ description: "Enables sending of native histograms, also known as sparse histograms over remote write. \n It requires Prometheus >= v2.40.0."
type: boolean
sigv4:
- description: Sigv4 allows to configures AWS's Signature Verification 4
+ description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, or `oauth2`."
properties:
accessKey:
- description: AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used.
+ description: AccessKey is the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -2951,7 +2951,7 @@ spec:
description: RoleArn is the named AWS profile used to authenticate.
type: string
secretKey:
- description: SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
+ description: SecretKey is the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used.
properties:
key:
description: The key of the secret to select from. Must be a valid secret key.
@@ -2968,7 +2968,7 @@ spec:
x-kubernetes-map-type: atomic
type: object
tlsConfig:
- description: TLS Config to use for remote write.
+ description: TLS Config to use for the URL.
properties:
ca:
description: Certificate authority used when verifying server certificates.
@@ -3139,14 +3139,14 @@ spec:
type: object
type: array
replicaExternalLabelName:
- description: Name of Prometheus external label used to denote replica name. Defaults to the value of `prometheus_replica`. External label will _not_ be added when value is set to empty string (`""`).
+ description: "Name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`\"\"`). \n Default: \"prometheus_replica\""
type: string
replicas:
- description: Number of replicas of each shard to deploy for a Prometheus deployment. Number of replicas multiplied by shards is the total number of Pods created.
+ description: "Number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. \n Default: 1"
format: int32
type: integer
resources:
- description: Define resources requests and limits for single Pods.
+ description: Defines the resources requests and limits of the 'prometheus' container.
properties:
claims:
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
@@ -3183,10 +3183,10 @@ spec:
type: object
type: object
routePrefix:
- description: The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`.
+ description: "The route prefix Prometheus registers HTTP handlers for. \n This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`."
type: string
scrapeConfigNamespaceSelector:
- description: Namespace's labels to match for ScrapeConfig discovery. If nil, only check own namespace.
+ description: Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3217,7 +3217,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
scrapeConfigSelector:
- description: "*Experimental* ScrapeConfigs to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "*Experimental* ScrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3249,11 +3249,11 @@ spec:
x-kubernetes-map-type: atomic
scrapeInterval:
default: 30s
- description: 'Interval between consecutive scrapes. Default: `30s`'
+ description: "Interval between consecutive scrapes. \n Default: \"30s\""
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
scrapeTimeout:
- description: Number of seconds to wait for target to respond before erroring.
+ description: Number of seconds to wait until a scrape request times out.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
secrets:
@@ -3353,7 +3353,7 @@ spec:
description: ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods.
type: string
serviceMonitorNamespaceSelector:
- description: Namespace's labels to match for ServiceMonitor discovery. If nil, only check own namespace.
+ description: Namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3384,7 +3384,7 @@ spec:
type: object
x-kubernetes-map-type: atomic
serviceMonitorSelector:
- description: "ServiceMonitors to be selected for target discovery. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is deprecated and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
+ description: "ServiceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it is the responsibility of the user to provide the raw gzipped Prometheus configuration under the `prometheus.yaml.gz` key. This behavior is *deprecated* and will be removed in the next major version of the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` instead."
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
@@ -3415,17 +3415,17 @@ spec:
type: object
x-kubernetes-map-type: atomic
shards:
- description: 'EXPERIMENTAL: Number of shards to distribute targets onto. Number of replicas multiplied by shards is the total number of Pods created. Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. Sharding is done on the content of the `__address__` target meta-label.'
+ description: "EXPERIMENTAL: Number of shards to distribute targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. \n Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use Thanos sidecar and Thanos querier or remote write data to a central location. \n Sharding is performed on the content of the `__address__` target meta-label for PodMonitors and ServiceMonitors and `__param_target__` for Probes. \n Default: 1"
format: int32
type: integer
storage:
- description: Storage spec to specify how storage shall be used.
+ description: Storage defines the storage used by Prometheus.
properties:
disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
+ description: '*Deprecated: subPath usage will be removed in a future release.*'
type: boolean
emptyDir:
- description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
+ description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
@@ -3439,7 +3439,7 @@ spec:
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
+ description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@@ -3574,7 +3574,7 @@ spec:
type: object
type: object
volumeClaimTemplate:
- description: A PVC spec to be used by the StatefulSet. The easiest way to use a volume that cannot be automatically provisioned (for whatever reason) is to use a label selector alongside manually created PersistentVolumes.
+ description: Defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
@@ -3600,7 +3600,7 @@ spec:
type: string
type: object
spec:
- description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: 'Defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -3722,7 +3722,7 @@ spec:
type: string
type: object
status:
- description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -3786,7 +3786,7 @@ spec:
type: object
type: object
tolerations:
- description: If specified, the pod's tolerations.
+ description: Defines the Pods' tolerations if specified.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
@@ -3809,7 +3809,7 @@ spec:
type: object
type: array
topologySpreadConstraints:
- description: If specified, the pod's topology spread constraints.
+ description: Defines the pod's topology spread constraints if specified.
items:
description: TopologySpreadConstraint specifies how to spread matching pods among the given topology.
properties:
@@ -3876,11 +3876,158 @@ spec:
- whenUnsatisfiable
type: object
type: array
+ tracingConfig:
+ description: 'EXPERIMENTAL: TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way.'
+ properties:
+ clientType:
+ description: Client used to export the traces. Supported values are `http` or `grpc`.
+ enum:
+ - http
+ - grpc
+ type: string
+ compression:
+ description: Compression key for supported compression types. The only supported value is `gzip`.
+ enum:
+ - gzip
+ type: string
+ endpoint:
+ description: Endpoint to send the traces to. Should be provided in format <host>:<port>.
+ minLength: 1
+ type: string
+ headers:
+ additionalProperties:
+ type: string
+ description: Key-value pairs to be used as headers associated with gRPC or HTTP requests.
+ type: object
+ insecure:
+ description: If disabled, the client will use a secure connection.
+ type: boolean
+ samplingFraction:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Sets the probability a given trace will be sampled. Must be a float from 0 through 1.
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ timeout:
+ description: Maximum time the exporter will wait for each batch export.
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ tlsConfig:
+ description: TLS Config to use when sending traces.
+ properties:
+ ca:
+ description: Certificate authority used when verifying server certificates.
+ properties:
+ configMap:
+ description: ConfigMap containing data to use for the targets.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ description: Secret containing data to use for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ description: Path to the CA cert in the Prometheus container to use for the targets.
+ type: string
+ cert:
+ description: Client certificate to present when doing client-authentication.
+ properties:
+ configMap:
+ description: ConfigMap containing data to use for the targets.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ description: Secret containing data to use for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ description: Path to the client cert file in the Prometheus container for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: Path to the client key file in the Prometheus container for the targets.
+ type: string
+ keySecret:
+ description: Secret containing the client key file for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ type: object
+ required:
+ - endpoint
+ type: object
version:
- description: Version of Prometheus to be deployed.
+ description: "Version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. \n If not specified, the operator assumes the latest upstream version of Prometheus available at the time when the version of the operator was released."
type: string
volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the prometheus container, that are generated as a result of StorageSpec objects.
+ description: "VolumeMounts allows the configuration of additional VolumeMounts. \n VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects."
items:
description: VolumeMount describes a mounting of a Volume within a container.
properties:
@@ -3908,7 +4055,7 @@ spec:
type: object
type: array
volumes:
- description: Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
+ description: Volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects.
items:
description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
properties:
@@ -4859,10 +5006,10 @@ spec:
type: object
type: array
walCompression:
- description: Enable compression of the write-ahead log using Snappy. This flag is only available in versions of Prometheus >= 2.11.0.
+ description: "Configures compression of the write-ahead log (WAL) using Snappy. \n WAL compression is enabled by default for Prometheus >= 2.20.0 \n Requires Prometheus v2.11.0 and above."
type: boolean
web:
- description: Defines the web command line flags when starting Prometheus.
+ description: Defines the configuration of the Prometheus web server.
properties:
httpConfig:
description: Defines HTTP parameters for web server.
@@ -4903,7 +5050,7 @@ spec:
minimum: 0
type: integer
pageTitle:
- description: The prometheus web page title
+ description: The prometheus web page title.
type: string
tlsConfig:
description: Defines the TLS parameters for HTTPS.
diff --git a/manifests/setup/0prometheusruleCustomResourceDefinition.yaml b/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
index 9b2fcab0ae72b15b68f821fe015c27b4b1c750bc..beb3f598be8de56bbcf5b36e15654ed1d87f2a26 100644
--- a/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
@@ -77,6 +77,11 @@ spec:
description: Alerts are considered firing once they have been returned for this long.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
+ keep_firing_for:
+ description: KeepFiringFor defines how long an alert will continue firing after the condition that triggered it has cleared.
+ minLength: 1
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
labels:
additionalProperties:
type: string
diff --git a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
index 75acc75bbf50f9e7ce245fecd126f1b12e85a616..2d6f6c94934537040fc445a27d758121dc0def1c 100644
--- a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
+++ b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
@@ -34,6 +34,65 @@ spec:
spec:
description: ScrapeConfigSpec is a specification of the desired configuration for a scrape configuration.
properties:
+ authorization:
+ description: Authorization header to use on every scrape request.
+ properties:
+ credentials:
+ description: The secret's key that contains the credentials of the request
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type:
+ description: Set the authentication type. Defaults to Bearer, Basic will cause an error
+ type: string
+ type: object
+ basicAuth:
+ description: BasicAuth information to use on every scrape request.
+ properties:
+ password:
+ description: The secret in the service monitor namespace that contains the password for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ description: The secret in the service monitor namespace that contains the username for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
fileSDConfigs:
description: FileSDConfigs defines a list of file service discovery configurations.
items:
@@ -66,6 +125,65 @@ spec:
items:
description: HTTPSDConfig defines a prometheus HTTP service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config
properties:
+ authorization:
+ description: Authorization header configuration to authenticate against the target HTTP endpoint.
+ properties:
+ credentials:
+ description: The secret's key that contains the credentials of the request
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type:
+ description: Set the authentication type. Defaults to Bearer, Basic will cause an error
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints'
+ properties:
+ password:
+ description: The secret in the service monitor namespace that contains the password for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ description: The secret in the service monitor namespace that contains the username for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
refreshInterval:
description: RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
@@ -139,6 +257,12 @@ spec:
type: string
type: object
type: array
+ scheme:
+ description: Configures the protocol scheme used for requests. If empty, Prometheus uses HTTP by default.
+ enum:
+ - HTTP
+ - HTTPS
+ type: string
staticConfigs:
description: StaticConfigs defines a list of static targets with a common label set.
items:
diff --git a/manifests/setup/0thanosrulerCustomResourceDefinition.yaml b/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
index 3af186f4e06ce82e3e14379a9577c00ce367bf8e..ea69d1de98749ede2c7fc405a0b491a133285c70 100644
--- a/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
+++ b/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
@@ -1435,7 +1435,7 @@ spec:
- monitoring.coreos.com
type: string
name:
- description: Name of the referent. When not set, all resources are matched.
+ description: Name of the referent. When not set, all resources in the namespace are matched.
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
@@ -2510,10 +2510,10 @@ spec:
description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
properties:
ruleName:
- description: RuleNamespace - name of excluded rule
+ description: Name of the excluded PrometheusRule object.
type: string
ruleNamespace:
- description: RuleNamespace - namespace of excluded rule
+ description: Namespace of the excluded PrometheusRule object.
type: string
required:
- ruleName
@@ -2747,10 +2747,10 @@ spec:
description: Storage spec to specify how storage shall be used.
properties:
disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. DisableMountSubPath allows to remove any subPath usage in volume mounts.'
+ description: '*Deprecated: subPath usage will be removed in a future release.*'
type: boolean
emptyDir:
- description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
+ description: 'EmptyDirVolumeSource to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
properties:
medium:
description: 'medium represents what type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
@@ -2764,7 +2764,7 @@ spec:
x-kubernetes-int-or-string: true
type: object
ephemeral:
- description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
+ description: 'EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
properties:
volumeClaimTemplate:
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
@@ -2899,7 +2899,7 @@ spec:
type: object
type: object
volumeClaimTemplate:
- description: A PVC spec to be used by the StatefulSet. The easiest way to use a volume that cannot be automatically provisioned (for whatever reason) is to use a label selector alongside manually created PersistentVolumes.
+ description: Defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
@@ -2925,7 +2925,7 @@ spec:
type: string
type: object
spec:
- description: 'Spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: 'Defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
@@ -3047,7 +3047,7 @@ spec:
type: string
type: object
status:
- description: 'Status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
+ description: '*Deprecated: this field is never set.*'
properties:
accessModes:
description: 'accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'