This commit aligns all controllers to follow the same pattern when
dealing with non-existing and paused objects. It also ensures consistent
logging.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit removes the `dispatchStartDelay` field from the Alertmanager
CRD and uses instead the `minReadySeconds` value as the default
duration to delay the first flush of aggregation groups.
When Kubernetes performs pod updates (due to spec updates or pod
eviction),`minReadySeconds` defines how long a statefulset's pod should
be ready before kube-controller-manager can proceed with the next pod
update. The main use case of `minReadySeconds` is to ensure that
Prometheus has resent all alerts before updating the next pod hence it
makes sense for Alertmanager to wait the same amount of time before
sending alert notifications. Users who want to use another value for
`--dispatch.start-delay` can customize it using the
`.spec.additionalArgs` field.
The removal of `dispatchStartDelay` is possible because the field hasn't
been made available in any public release.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit introduces a new `updateStrategy` field for
statefulset-based workloads (Prometheus, PrometheusAgent, Alertmanager
and ThanosRuler). While for now, there's a 1:1 mapping with StatefulSet
strategies, it paves the way to the introduction of custom strategies
which may be required to streamline operations in case of broken updates
(similar to the scenario explained in
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#forced-rollback).
Closes #5435
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit introduces the `NoSelectedResources` reason for the
`Reconciled` condition when a workload object selects no resources
(valid or invalid). It should make it easier to detect when resource
selectors are null or match no resource.
The `Alertmanager` resource is the exception because the configuration
may be provided only via a reference to a Secret key.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit avoids the situation where the operator would update the
StatefulSet because the concatenation of configured rules exceeds the
maximum ConfigMap size. To alleviate the issue, the operator now
configures the StatefulSet to always mount 3 "rule" ConfigMaps with
"optional: true". When the operator generates an additional ConfigMap,
it will get mounted automatically into the pod and the config-reloader
sidecar will detect and apply the new configuration. When the
number of "concrete" ConfigMaps decreases, the operation is also
non-disruptive.
The number has been chosen arbitrarily and it could change in the future
but 3 seems a good choice (original reports were complaining about the
number of ConfigMaps fluctuating between 1 and 2).
The change applies both to Prometheus and ThanosRuler.
Closes #5085
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit ensures that the operator's Service Account has the expected
permissions to manage status subresources when the
`StatusForConfigurationResources` feature gate is enabled.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
On first reconciliation of the status subresource, the patch semantics
don't allow to ensure that a second concurrent patch operation doesn't
overwrite the first change. Using Update with ResourceVersion (aka
optimistic locking), we make sure that the second operation would fail
(and be retried).
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit moves the rule management functionality which is shared
between Prometheus and ThanosRuler controllers to a shared package.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
for admission webhook default is legacy validation
Assissted-By: Cursor
Signed-off-by: Jayapriya Pai <slashpai9@gmail.com>
Co-authored-by: Simon Pasquier <spasquie@redhat.com>
This is a follow-up of #7867 which refactors the event handling to
always inject the related object.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This is a follow-up of #7786 which was only targeting workload resources
such as statefulsets, daemonsets and pods. With this commit, all
resources managed by the operator will be labelled with the
`app.kubernetes.io/managed-by: prometheus-operator` label.
Signed-off-by: Simon Pasquier <spasquie@redhat.com>
