c82deb8765
* Refactor: Replace ServiceMonitorStatus with ConfigResourceStatus and update documentation
880 KiB
title, description, draft, images, menu, weight, toc
| title | description | draft | images | menu | weight | toc |
|---|---|---|---|---|---|---|
| API reference | Prometheus operator generated API reference docs | false | operator | 151 | true |
This page is automatically generated with
gen-crd-api-reference-docs.
Packages:
monitoring.coreos.com/v1
Resource Types:Alertmanager
The Alertmanager custom resource definition (CRD) defines a desired Alertmanager setup to run in a Kubernetes cluster. It allows to specify many options such as the number of replicas, persistent storage and many more.
For each Alertmanager resource, the Operator deploys a StatefulSet in the same namespace. When there are two or more configured replicas, the Operator runs the Alertmanager instances in high-availability mode.
The resource defines via label and namespace selectors which AlertmanagerConfig objects should be associated to the deployed Alertmanager instances.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
Alertmanager |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
specAlertmanagerSpec |
Specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
statusAlertmanagerStatus |
Most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
PodMonitor
The PodMonitor custom resource definition (CRD) defines how Prometheus and PrometheusAgent can scrape metrics from a group of pods.
Among other things, it allows to specify:
* The pods to scrape via label selectors.
* The container ports to scrape.
* Authentication credentials to use.
* Target and metric relabeling.
Prometheus and PrometheusAgent objects select PodMonitor objects using label and namespace selectors.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||
kindstring |
PodMonitor |
||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||
specPodMonitorSpec |
Specification of desired Pod selection for target discovery by Prometheus.
|
Probe
The Probe custom resource definition (CRD) defines how to scrape metrics from prober exporters such as the blackbox exporter.
The Probe resource needs 2 pieces of information:
* The list of probed addresses which can be defined statically or by discovering Kubernetes Ingress objects.
* The prober which exposes the availability of probed endpoints (over various protocols such HTTP, TCP, ICMP, …) as Prometheus metrics.
Prometheus and PrometheusAgent objects select Probe objects using label and namespace selectors.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
Probe |
||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||
specProbeSpec |
Specification of desired Ingress selection for target discovery by Prometheus.
|
Prometheus
The Prometheus custom resource definition (CRD) defines a desired Prometheus setup to run in a Kubernetes cluster. It allows to specify many options such as the number of replicas, persistent storage, and Alertmanagers where firing alerts should be sent and many more.
For each Prometheus resource, the Operator deploys one or several StatefulSet objects in the same namespace. The number of StatefulSets is equal to the number of shards which is 1 by default.
The resource defines via label and namespace selectors which ServiceMonitor, PodMonitor, Probe and PrometheusRule objects should be associated to the deployed Prometheus instances.
The Operator continuously reconciles the scrape and rules configuration and a sidecar container running in the Prometheus pods triggers a reload of the configuration when needed.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
Prometheus |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
specPrometheusSpec |
Specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
statusPrometheusStatus |
Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
PrometheusRule
The PrometheusRule custom resource definition (CRD) defines alerting and recording rules to be evaluated by Prometheus or ThanosRuler objects.
Prometheus and ThanosRuler objects select PrometheusRule objects using label and namespace selectors.
| Field | Description | ||
|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||
kindstring |
PrometheusRule |
||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||
specPrometheusRuleSpec |
Specification of desired alerting rule definitions for Prometheus.
|
ServiceMonitor
The ServiceMonitor custom resource definition (CRD) defines how Prometheus and PrometheusAgent can scrape metrics from a group of services.
Among other things, it allows to specify:
* The services to scrape via label selectors.
* The container ports to scrape.
* Authentication credentials to use.
* Target and metric relabeling.
Prometheus and PrometheusAgent objects select ServiceMonitor objects using label and namespace selectors.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||||
kindstring |
ServiceMonitor |
||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||
specServiceMonitorSpec |
Specification of desired Service selection for target discovery by Prometheus.
|
||||||||||||||||||||||||||||||||||||||||||||
statusConfigResourceStatus |
(Optional)
This Status subresource is under active development and is updated only when the “StatusForConfigurationResources” feature gate is enabled. Most recent observed status of the ServiceMonitor. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
ThanosRuler
The ThanosRuler custom resource definition (CRD) defines a desired Thanos Ruler setup to run in a Kubernetes cluster.
A ThanosRuler instance requires at least one compatible Prometheus API endpoint (either Thanos Querier or Prometheus services).
The resource defines via label and namespace selectors which PrometheusRule objects should be associated to the deployed Thanos Ruler instances.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
ThanosRuler |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
specThanosRulerSpec |
Specification of the desired behavior of the ThanosRuler cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
statusThanosRulerStatus |
Most recent observed status of the ThanosRuler cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
APIServerConfig
(Appears on:CommonPrometheusFields)
APIServerConfig defines how the Prometheus server connects to the Kubernetes API server.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config
| Field | Description |
|---|---|
hoststring |
Kubernetes API address consisting of a hostname or IP address followed by an optional port number. |
basicAuthBasicAuth |
(Optional)
BasicAuth configuration for the API server. Cannot be set at the same time as |
bearerTokenFilestring |
File to read bearer token for accessing apiserver. Cannot be set at the same time as Deprecated: this will be removed in a future release. Prefer using |
tlsConfigTLSConfig |
(Optional)
TLS Config to use for the API server. |
authorizationAuthorization |
(Optional)
Authorization section for the API server. Cannot be set at the same time as |
bearerTokenstring |
Warning: this field shouldn’t be used because the token value appears
in clear-text. Prefer using Deprecated: this will be removed in a future release. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
AdditionalLabelSelectors
(string alias)
(Appears on:TopologySpreadConstraint)
| Value | Description |
|---|---|
"OnResource" |
Automatically add a label selector that will select all pods matching the same Prometheus/PrometheusAgent resource (irrespective of their shards). |
"OnShard" |
Automatically add a label selector that will select all pods matching the same shard. |
AlertingSpec
(Appears on:PrometheusSpec)
AlertingSpec defines parameters for alerting configuration of Prometheus servers.
| Field | Description |
|---|---|
alertmanagers[]AlertmanagerEndpoints |
Alertmanager endpoints where Prometheus should send alerts to. |
AlertmanagerAPIVersion
(string alias)
(Appears on:AlertmanagerEndpoints)
| Value | Description |
|---|---|
"V1" |
|
"V2" |
AlertmanagerConfigMatcherStrategy
(Appears on:AlertmanagerSpec)
| Field | Description |
|---|---|
typeAlertmanagerConfigMatcherStrategyType |
AlertmanagerConfigMatcherStrategyType defines the strategy used by AlertmanagerConfig objects to match alerts in the routes and inhibition rules. The default value is |
AlertmanagerConfigMatcherStrategyType
(string alias)
(Appears on:AlertmanagerConfigMatcherStrategy)
| Value | Description |
|---|---|
"None" |
With |
"OnNamespace" |
With |
"OnNamespaceExceptForAlertmanagerNamespace" |
With |
AlertmanagerConfiguration
(Appears on:AlertmanagerSpec)
AlertmanagerConfiguration defines the Alertmanager configuration.
| Field | Description |
|---|---|
namestring |
The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration.
It must be defined in the same namespace as the Alertmanager object.
The operator will not enforce a |
globalAlertmanagerGlobalConfig |
(Optional)
Defines the global parameters of the Alertmanager configuration. |
templates[]SecretOrConfigMap |
(Optional)
Custom notification templates. |
AlertmanagerEndpoints
(Appears on:AlertingSpec)
AlertmanagerEndpoints defines a selection of a single Endpoints object containing Alertmanager IPs to fire alerts against.
| Field | Description |
|---|---|
namespacestring |
(Optional)
Namespace of the Endpoints object. If not set, the object will be discovered in the namespace of the Prometheus object. |
namestring |
Name of the Endpoints object in the namespace. |
portk8s.io/apimachinery/pkg/util/intstr.IntOrString |
Port on which the Alertmanager API is exposed. |
schemestring |
Scheme to use when firing alerts. |
pathPrefixstring |
Prefix for the HTTP path alerts are pushed to. |
tlsConfigTLSConfig |
(Optional)
TLS Config to use for Alertmanager. |
basicAuthBasicAuth |
(Optional)
BasicAuth configuration for Alertmanager. Cannot be set at the same time as |
bearerTokenFilestring |
File to read bearer token for Alertmanager. Cannot be set at the same time as Deprecated: this will be removed in a future release. Prefer using |
authorizationSafeAuthorization |
(Optional)
Authorization section for Alertmanager. Cannot be set at the same time as |
sigv4Sigv4 |
(Optional)
Sigv4 allows to configures AWS’s Signature Verification 4 for the URL. It requires Prometheus >= v2.48.0. Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
apiVersionAlertmanagerAPIVersion |
(Optional)
Version of the Alertmanager API that Prometheus uses to send alerts. It can be “V1” or “V2”. The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. |
timeoutDuration |
(Optional)
Timeout is a per-target Alertmanager timeout when pushing alerts. |
enableHttp2bool |
(Optional)
Whether to enable HTTP2. |
relabelings[]RelabelConfig |
(Optional)
Relabel configuration applied to the discovered Alertmanagers. |
alertRelabelings[]RelabelConfig |
(Optional)
Relabeling configs applied before sending alerts to a specific Alertmanager. It requires Prometheus >= v2.51.0. |
AlertmanagerGlobalConfig
(Appears on:AlertmanagerConfiguration)
AlertmanagerGlobalConfig configures parameters that are valid in all other configuration contexts. See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file
| Field | Description |
|---|---|
smtpGlobalSMTPConfig |
(Optional)
Configures global SMTP parameters. |
resolveTimeoutDuration |
ResolveTimeout is the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt. |
httpConfigHTTPConfig |
HTTP client configuration. |
slackApiUrlKubernetes core/v1.SecretKeySelector |
The default Slack API URL. |
opsGenieApiUrlKubernetes core/v1.SecretKeySelector |
The default OpsGenie API URL. |
opsGenieApiKeyKubernetes core/v1.SecretKeySelector |
The default OpsGenie API Key. |
pagerdutyUrlstring |
The default Pagerduty URL. |
telegramGlobalTelegramConfig |
The default Telegram config |
jiraGlobalJiraConfig |
The default configuration for Jira. |
victoropsGlobalVictorOpsConfig |
The default configuration for VictorOps. |
rocketChatGlobalRocketChatConfig |
The default configuration for Rocket Chat. |
webexGlobalWebexConfig |
The default configuration for Jira. |
wechatGlobalWeChatConfig |
(Optional)
The default WeChat Config |
AlertmanagerLimitsSpec
(Appears on:AlertmanagerSpec)
AlertmanagerLimitsSpec defines the limits command line flags when starting Alertmanager.
| Field | Description |
|---|---|
maxSilencesint32 |
(Optional)
The maximum number active and pending silences. This corresponds to the
Alertmanager’s |
maxPerSilenceBytesByteSize |
(Optional)
The maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager’s
|
AlertmanagerSpec
(Appears on:Alertmanager)
AlertmanagerSpec is a specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
podMetadataEmbeddedObjectMetadata |
PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. The following items are reserved and cannot be overridden: * “alertmanager” label, set to the name of the Alertmanager instance. * “app.kubernetes.io/instance” label, set to the name of the Alertmanager instance. * “app.kubernetes.io/managed-by” label, set to “prometheus-operator”. * “app.kubernetes.io/name” label, set to “alertmanager”. * “app.kubernetes.io/version” label, set to the Alertmanager version. * “kubectl.kubernetes.io/default-container” annotation, set to “alertmanager”. |
imagestring |
Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured. |
imagePullPolicyKubernetes core/v1.PullPolicy |
Image pull policy for the ‘alertmanager’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
versionstring |
Version the cluster should be on. |
tagstring |
Tag of Alertmanager container image to be deployed. Defaults to the value of |
shastring |
SHA of Alertmanager container image to be deployed. Defaults to the value of |
baseImagestring |
Base image that is used to deploy pods, without tag. Deprecated: use ‘image’ instead. |
imagePullSecrets[]Kubernetes core/v1.LocalObjectReference |
An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ |
secrets[]string |
Secrets is a list of Secrets in the same namespace as the Alertmanager
object, which shall be mounted into the Alertmanager Pods.
Each Secret is added to the StatefulSet definition as a volume named |
configMaps[]string |
ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager
object, which shall be mounted into the Alertmanager Pods.
Each ConfigMap is added to the StatefulSet definition as a volume named |
configSecretstring |
ConfigSecret is the name of a Kubernetes Secret in the same namespace as the
Alertmanager object, which contains the configuration for this Alertmanager
instance. If empty, it defaults to The Alertmanager configuration should be available under the
If either the secret or the |
logLevelstring |
Log level for Alertmanager to be configured with. |
logFormatstring |
Log format for Alertmanager to be configured with. |
replicasint32 |
Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size. |
retentionGoDuration |
Time duration Alertmanager shall retain data for. Default is ‘120h’,
and must match the regular expression |
storageStorageSpec |
Storage is the definition of how storage will be used by the Alertmanager instances. |
volumes[]Kubernetes core/v1.Volume |
Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. |
persistentVolumeClaimRetentionPolicyKubernetes apps/v1.StatefulSetPersistentVolumeClaimRetentionPolicy |
(Optional)
The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. |
externalUrlstring |
The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. |
routePrefixstring |
The route prefix Alertmanager registers HTTP handlers for. This is useful,
if using ExternalURL and a proxy is rewriting HTTP routes of a request,
and the actual ExternalURL is still true, but the server serves requests
under a different route prefix. For example for use with |
pausedbool |
If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions. |
nodeSelectormap[string]string |
Define which Nodes the Pods are scheduled on. |
resourcesKubernetes core/v1.ResourceRequirements |
Define resources requests and limits for single Pods. |
affinityKubernetes core/v1.Affinity |
If specified, the pod’s scheduling constraints. |
tolerations[]Kubernetes core/v1.Toleration |
If specified, the pod’s tolerations. |
topologySpreadConstraints[]Kubernetes core/v1.TopologySpreadConstraint |
If specified, the pod’s topology spread constraints. |
securityContextKubernetes core/v1.PodSecurityContext |
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. |
dnsPolicyDNSPolicy |
(Optional)
Defines the DNS policy for the pods. |
dnsConfigPodDNSConfig |
(Optional)
Defines the DNS configuration for the pods. |
enableServiceLinksbool |
(Optional)
Indicates whether information about services should be injected into pod’s environment variables |
serviceNamestring |
(Optional)
The name of the service name used by the underlying StatefulSet(s) as the governing service.
If defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels.
If empty, the operator will create and manage a headless service named |
serviceAccountNamestring |
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. |
listenLocalbool |
ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication. |
containers[]Kubernetes core/v1.Container |
Containers allows injecting additional containers. This is meant to
allow adding an authentication proxy to an Alertmanager pod.
Containers described here modify an operator generated container if they
share the same name and modifications are done via a strategic merge
patch. The current container names are: |
initContainers[]Kubernetes core/v1.Container |
InitContainers allows adding initContainers to the pod definition. Those can be used to e.g.
fetch secrets for injection into the Alertmanager configuration from external sources. Any
errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
InitContainers described here modify an operator
generated init containers if they share the same name and modifications are
done via a strategic merge patch. The current init container name is:
|
priorityClassNamestring |
Priority class assigned to the Pods |
additionalPeers[]string |
AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. |
clusterAdvertiseAddressstring |
ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 1 addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918 |
clusterGossipIntervalGoDuration |
Interval between gossip attempts. |
clusterLabelstring |
Defines the identifier that uniquely identifies the Alertmanager cluster.
You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the |
clusterPushpullIntervalGoDuration |
Interval between pushpull attempts. |
clusterPeerTimeoutGoDuration |
Timeout for cluster peering. |
portNamestring |
Port name used for the pods and governing service.
Defaults to |
forceEnableClusterModebool |
ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. |
alertmanagerConfigSelectorKubernetes meta/v1.LabelSelector |
AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. |
alertmanagerConfigNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. |
alertmanagerConfigMatcherStrategyAlertmanagerConfigMatcherStrategy |
AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects process incoming alerts. |
minReadySecondsuint32 |
(Optional)
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. |
hostAliases[]HostAlias |
Pods’ hostAliases configuration |
webAlertmanagerWebSpec |
Defines the web command line flags when starting Alertmanager. |
limitsAlertmanagerLimitsSpec |
Defines the limits command line flags when starting Alertmanager. |
clusterTLSClusterTLSConfig |
(Optional)
Configures the mutual TLS configuration for the Alertmanager cluster’s gossip protocol. It requires Alertmanager >= 0.24.0. |
alertmanagerConfigurationAlertmanagerConfiguration |
(Optional)
alertmanagerConfiguration specifies the configuration of Alertmanager. If defined, it takes precedence over the This is an experimental feature, it may change in any upcoming release in a breaking way. |
automountServiceAccountTokenbool |
(Optional)
AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod.
If the service account has |
enableFeatures[]string |
(Optional)
Enable access to Alertmanager feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. It requires Alertmanager >= 0.27.0. |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the ‘Alertmanager’ container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Alertmanager container which may cause issues if they are invalid or not supported by the given Alertmanager version. |
terminationGracePeriodSecondsint64 |
(Optional)
Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. Defaults to 120 seconds. |
AlertmanagerStatus
(Appears on:Alertmanager)
AlertmanagerStatus is the most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
pausedbool |
Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. |
replicasint32 |
Total number of non-terminated pods targeted by this Alertmanager object (their labels match the selector). |
updatedReplicasint32 |
Total number of non-terminated pods targeted by this Alertmanager object that have the desired version spec. |
availableReplicasint32 |
Total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster. |
unavailableReplicasint32 |
Total number of unavailable pods targeted by this Alertmanager object. |
selectorstring |
The selector used to match the pods targeted by this Alertmanager object. |
conditions[]Condition |
(Optional)
The current state of the Alertmanager object. |
AlertmanagerWebSpec
(Appears on:AlertmanagerSpec)
AlertmanagerWebSpec defines the web command line flags when starting Alertmanager.
| Field | Description |
|---|---|
tlsConfigWebTLSConfig |
Defines the TLS parameters for HTTPS. |
httpConfigWebHTTPConfig |
Defines HTTP parameters for web server. |
getConcurrencyuint32 |
(Optional)
Maximum number of GET requests processed concurrently. This corresponds to the
Alertmanager’s |
timeoutuint32 |
(Optional)
Timeout for HTTP requests. This corresponds to the Alertmanager’s
|
ArbitraryFSAccessThroughSMsConfig
(Appears on:CommonPrometheusFields)
ArbitraryFSAccessThroughSMsConfig enables users to configure, whether a service monitor selected by the Prometheus instance is allowed to use arbitrary files on the file system of the Prometheus container. This is the case when e.g. a service monitor specifies a BearerTokenFile in an endpoint. A malicious user could create a service monitor selecting arbitrary secret files in the Prometheus container. Those secrets would then be sent with a scrape request by Prometheus to a malicious target. Denying the above would prevent the attack, users can instead use the BearerTokenSecret field.
| Field | Description |
|---|---|
denybool |
Argument
(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec, ThanosSpec)
Argument as part of the AdditionalArgs list.
| Field | Description |
|---|---|
namestring |
Name of the argument, e.g. “scrape.discovery-reload-interval”. |
valuestring |
Argument value, e.g. 30s. Can be empty for name-only arguments (e.g. –storage.tsdb.no-lockfile) |
AttachMetadata
(Appears on:PodMonitorSpec, ScrapeClass, ServiceMonitorSpec)
| Field | Description |
|---|---|
nodebool |
(Optional)
When set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the |
Authorization
(Appears on:APIServerConfig, RemoteReadSpec, RemoteWriteSpec, ScrapeClass)
| Field | Description |
|---|---|
typestring |
Defines the authentication type. The value is case-insensitive. “Basic” is not a supported value. Default: “Bearer” |
credentialsKubernetes core/v1.SecretKeySelector |
Selects a key of a Secret in the namespace that contains the credentials for authentication. |
credentialsFilestring |
File to read a secret from, mutually exclusive with |
AuthorizationValidationError
AuthorizationValidationError is returned by Authorization.Validate() on semantically invalid configurations.
| Field | Description |
|---|---|
errstring |
AzureAD
(Appears on:RemoteWriteSpec)
AzureAD defines the configuration for remote write’s azuread parameters.
| Field | Description |
|---|---|
cloudstring |
(Optional)
The Azure Cloud. Options are ‘AzurePublic’, ‘AzureChina’, or ‘AzureGovernment’. |
managedIdentityManagedIdentity |
(Optional)
ManagedIdentity defines the Azure User-assigned Managed identity.
Cannot be set at the same time as |
oauthAzureOAuth |
(Optional)
OAuth defines the oauth config that is being used to authenticate.
Cannot be set at the same time as It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. |
sdkAzureSDK |
(Optional)
SDK defines the Azure SDK config that is being used to authenticate.
See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication
Cannot be set at the same time as It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. |
AzureOAuth
(Appears on:AzureAD)
AzureOAuth defines the Azure OAuth settings.
| Field | Description |
|---|---|
clientIdstring |
|
clientSecretKubernetes core/v1.SecretKeySelector |
|
tenantIdstring |
|
AzureSDK
(Appears on:AzureAD)
AzureSDK is used to store azure SDK config values.
| Field | Description |
|---|---|
tenantIdstring |
(Optional)
|
BasicAuth
(Appears on:APIServerConfig, AlertmanagerEndpoints, Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, RemoteReadSpec, RemoteWriteSpec, AzureSDConfig, ConsulSDConfig, DockerSDConfig, DockerSwarmSDConfig, EurekaSDConfig, HTTPConfig, HTTPSDConfig, HetznerSDConfig, KubernetesSDConfig, KumaSDConfig, LightSailSDConfig, NomadSDConfig, PuppetDBSDConfig, ScrapeConfigSpec, HTTPConfig)
BasicAuth configures HTTP Basic Authentication settings.
| Field | Description |
|---|---|
usernameKubernetes core/v1.SecretKeySelector |
|
passwordKubernetes core/v1.SecretKeySelector |
|
ByteSize
(string alias)
(Appears on:AlertmanagerLimitsSpec, CommonPrometheusFields, PodMonitorSpec, PrometheusSpec, ServiceMonitorSpec)
ByteSize is a valid memory size type based on powers-of-2, so 1KB is 1024B.
Supported units: B, KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB Ex: 512MB.
ClusterTLSConfig
(Appears on:AlertmanagerSpec)
ClusterTLSConfig defines the mutual TLS configuration for the Alertmanager cluster TLS protocol.
| Field | Description |
|---|---|
serverWebTLSConfig |
Server-side configuration for mutual TLS. |
clientSafeTLSConfig |
Client-side configuration for mutual TLS. |
CommonPrometheusFields
(Appears on:PrometheusSpec, PrometheusAgentSpec)
CommonPrometheusFields are the options available to both the Prometheus server and agent.
| Field | Description |
|---|---|
podMetadataEmbeddedObjectMetadata |
PodMetadata configures labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * “prometheus” label, set to the name of the Prometheus object. * “app.kubernetes.io/instance” label, set to the name of the Prometheus object. * “app.kubernetes.io/managed-by” label, set to “prometheus-operator”. * “app.kubernetes.io/name” label, set to “prometheus”. * “app.kubernetes.io/version” label, set to the Prometheus version. * “operator.prometheus.io/name” label, set to the name of the Prometheus object. * “operator.prometheus.io/shard” label, set to the shard number of the Prometheus object. * “kubectl.kubernetes.io/default-container” annotation, set to “prometheus”. |
serviceMonitorSelectorKubernetes meta/v1.LabelSelector |
ServiceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
serviceMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
podMonitorSelectorKubernetes meta/v1.LabelSelector |
PodMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
podMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
probeSelectorKubernetes meta/v1.LabelSelector |
Probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
probeNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. |
scrapeConfigSelectorKubernetes meta/v1.LabelSelector |
(Optional)
ScrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
scrapeConfigNamespaceSelectorKubernetes meta/v1.LabelSelector |
(Optional)
Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
versionstring |
Version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of Prometheus available at the time when the version of the operator was released. |
pausedbool |
When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. |
imagestring |
(Optional)
Container image name for Prometheus. If specified, it takes precedence
over the Specifying If neither |
imagePullPolicyKubernetes core/v1.PullPolicy |
Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
imagePullSecrets[]Kubernetes core/v1.LocalObjectReference |
An optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod |
replicasint32 |
(Optional)
Number of replicas of each shard to deploy for a Prometheus deployment.
Default: 1 |
shardsint32 |
Number of shards to distribute the scraped targets onto.
When not defined, the operator assumes only one shard. Note that scaling down shards will not reshard data onto the remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use either * Thanos sidecar + querier for query federation and Thanos Ruler for rules. * Remote-write to send metrics to a central location. By default, the sharding of targets is performed on:
* The Users can define their own sharding implementation by setting the
You can also disable sharding on a specific target by setting the
|
replicaExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the replica name.
The external label will not be added when the field is set to the
empty string ( Default: “prometheus_replica” |
prometheusExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the Prometheus instance
name. The external label will not be added when the field is set to
the empty string ( Default: “prometheus” |
logLevelstring |
Log level for Prometheus and the config-reloader sidecar. |
logFormatstring |
Log format for Log level for Prometheus and the config-reloader sidecar. |
scrapeIntervalDuration |
Interval between consecutive scrapes. Default: “30s” |
scrapeTimeoutDuration |
Number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
scrapeProtocols[]ScrapeProtocol |
(Optional)
The protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0.
|
externalLabelsmap[string]string |
The labels to add to any time series or alerts when communicating with
external systems (federation, remote storage, Alertmanager).
Labels defined by |
enableRemoteWriteReceiverbool |
Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver It requires Prometheus >= v2.33.0. |
enableOTLPReceiverbool |
(Optional)
Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if It requires Prometheus >= v2.47.0. |
remoteWriteReceiverMessageVersions[]RemoteWriteMessageVersion |
(Optional)
List of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. |
enableFeatures[]EnableFeature |
(Optional)
Enable access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ |
externalUrlstring |
The external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). |
routePrefixstring |
The route prefix Prometheus registers HTTP handlers for. This is useful when using |
storageStorageSpec |
Storage defines the storage used by Prometheus. |
volumes[]Kubernetes core/v1.Volume |
Volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
VolumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the ‘prometheus’ container, that are generated as a result of StorageSpec objects. |
persistentVolumeClaimRetentionPolicyKubernetes apps/v1.StatefulSetPersistentVolumeClaimRetentionPolicy |
(Optional)
The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. |
webPrometheusWebSpec |
Defines the configuration of the Prometheus web server. |
resourcesKubernetes core/v1.ResourceRequirements |
Defines the resources requests and limits of the ‘prometheus’ container. |
nodeSelectormap[string]string |
Defines on which Nodes the Pods are scheduled. |
serviceAccountNamestring |
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. |
automountServiceAccountTokenbool |
(Optional)
AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. If the field isn’t set, the operator mounts the service account token by default. Warning: be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. It is possible to use strategic merge patch to project the service account token into the ‘prometheus’ container. |
secrets[]string |
Secrets is a list of Secrets in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each Secret is added to the StatefulSet definition as a volume named |
configMaps[]string |
ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each ConfigMap is added to the StatefulSet definition as a volume named |
affinityKubernetes core/v1.Affinity |
(Optional)
Defines the Pods’ affinity scheduling rules if specified. |
tolerations[]Kubernetes core/v1.Toleration |
(Optional)
Defines the Pods’ tolerations if specified. |
topologySpreadConstraints[]TopologySpreadConstraint |
(Optional)
Defines the pod’s topology spread constraints if specified. |
remoteWrite[]RemoteWriteSpec |
(Optional)
Defines the list of remote write configurations. |
otlpOTLPConfig |
(Optional)
Settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. |
securityContextKubernetes core/v1.PodSecurityContext |
(Optional)
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. |
dnsPolicyDNSPolicy |
(Optional)
Defines the DNS policy for the pods. |
dnsConfigPodDNSConfig |
(Optional)
Defines the DNS configuration for the pods. |
listenLocalbool |
When true, the Prometheus server listens on the loopback address instead of the Pod IP’s address. |
enableServiceLinksbool |
(Optional)
Indicates whether information about services should be injected into pod’s environment variables |
containers[]Kubernetes core/v1.Container |
(Optional)
Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The names of containers managed by the operator are:
* Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
initContainers[]Kubernetes core/v1.Container |
(Optional)
InitContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The names of init container name managed by the operator are:
* Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
additionalScrapeConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. |
apiserverConfigAPIServerConfig |
(Optional)
APIServerConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. |
priorityClassNamestring |
Priority class assigned to the Pods. |
portNamestring |
Port name used for the pods and governing service. Default: “web” |
arbitraryFSAccessThroughSMsArbitraryFSAccessThroughSMsConfig |
When true, ServiceMonitor, PodMonitor and Probe object are forbidden to
reference arbitrary files on the file system of the ‘prometheus’
container.
When a ServiceMonitor’s endpoint specifies a |
overrideHonorLabelsbool |
When true, Prometheus resolves label conflicts by renaming the labels in the scraped data
to “exported_” for all targets created from ServiceMonitor, PodMonitor and
ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
In practice, |
overrideHonorTimestampsbool |
When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. |
ignoreNamespaceSelectorsbool |
When true, |
enforcedNamespaceLabelstring |
When not empty, a label will be added to:
The label will not added for objects referenced in The label’s name is this field’s value.
The label’s value is the namespace of the |
enforcedSampleLimituint64 |
(Optional)
When defined, enforcedSampleLimit specifies a global limit on the number
of scraped samples that will be accepted. This overrides any
It is meant to be used by admins to keep the overall number of samples/series under a desired limit. When both |
enforcedTargetLimituint64 |
(Optional)
When defined, enforcedTargetLimit specifies a global limit on the number
of scraped targets. The value overrides any It is meant to be used by admins to to keep the overall number of targets under a desired limit. When both |
enforcedLabelLimituint64 |
(Optional)
When defined, enforcedLabelLimit specifies a global limit on the number
of labels per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelNameLengthLimituint64 |
(Optional)
When defined, enforcedLabelNameLengthLimit specifies a global limit on the length
of labels name per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelValueLengthLimituint64 |
(Optional)
When not null, enforcedLabelValueLengthLimit defines a global limit on the length
of labels value per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedKeepDroppedTargetsuint64 |
(Optional)
When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets
dropped by relabeling that will be kept in memory. The value overrides
any It requires Prometheus >= v2.47.0. When both |
enforcedBodySizeLimitByteSize |
When defined, enforcedBodySizeLimit specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. It requires Prometheus >= v2.28.0. When both |
nameValidationSchemeNameValidationSchemeOptions |
(Optional)
Specifies the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. |
nameEscapingSchemeNameEscapingSchemeOptions |
(Optional)
Specifies the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. It requires Prometheus >= v3.4.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v3.5.0. |
minReadySecondsuint32 |
(Optional)
Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. |
hostAliases[]HostAlias |
(Optional)
Optional list of hosts and IPs that will be injected into the Pod’s hosts file if specified. |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the ‘prometheus’ container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged. |
walCompressionbool |
(Optional)
Configures compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. |
excludedFromEnforcement[]ObjectReference |
(Optional)
List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if |
hostNetworkbool |
Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). When hostNetwork is enabled, this will set the DNS policy to
|
podTargetLabels[]string |
(Optional)
PodTargetLabels are appended to the |
tracingConfigPrometheusTracingConfig |
(Optional)
TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way. |
bodySizeLimitByteSize |
(Optional)
BodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedBodySizeLimit. |
sampleLimituint64 |
(Optional)
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit. |
targetLimituint64 |
(Optional)
TargetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedTargetLimit. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelLimit. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelNameLengthLimit. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelValueLengthLimit. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedKeepDroppedTargets. |
reloadStrategyReloadStrategyType |
(Optional)
Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. |
maximumStartupDurationSecondsint32 |
(Optional)
Defines the maximum time that the |
scrapeClasses[]ScrapeClass |
List of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an experimental feature, it may change in any upcoming release in a breaking way. |
serviceDiscoveryRoleServiceDiscoveryRole |
(Optional)
Defines the service discovery role used to discover targets from
If set, the value should be either “Endpoints” or “EndpointSlice”. If unset, the operator assumes the “Endpoints” role. |
tsdbTSDBSpec |
(Optional)
Defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. |
scrapeFailureLogFilestring |
(Optional)
File to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. ‘file.log’, The Prometheus Pods
will mount the file into an emptyDir volume at |
serviceNamestring |
(Optional)
The name of the service name used by the underlying StatefulSet(s) as the governing service.
If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels.
If empty, the operator will create and manage a headless service named |
runtimeRuntimeConfig |
(Optional)
RuntimeConfig configures the values for the Prometheus process behavior |
terminationGracePeriodSecondsint64 |
(Optional)
Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. Defaults to 600 seconds. |
Condition
(Appears on:AlertmanagerStatus, PrometheusStatus, ThanosRulerStatus)
Condition represents the state of the resources associated with the Prometheus, Alertmanager or ThanosRuler resource.
| Field | Description |
|---|---|
typeConditionType |
Type of the condition being reported. |
statusConditionStatus |
Status of the condition. |
lastTransitionTimeKubernetes meta/v1.Time |
lastTransitionTime is the time of the last update to the current status property. |
reasonstring |
(Optional)
Reason for the condition’s last transition. |
messagestring |
(Optional)
Human-readable message indicating details for the condition’s last transition. |
observedGenerationint64 |
ObservedGeneration represents the .metadata.generation that the
condition was set based upon. For instance, if |
ConditionStatus
(string alias)
(Appears on:Condition, ConfigResourceCondition)
| Value | Description |
|---|---|
"Degraded" |
|
"False" |
|
"True" |
|
"Unknown" |
ConditionType
(string alias)
(Appears on:Condition, ConfigResourceCondition)
| Value | Description |
|---|---|
"Accepted" |
Accepted indicates whether the workload controller has successfully accepted the configuration resource and updated the configuration of the workload accordingly. The possible status values for this condition type are: - True: the configuration resource was successfully accepted by the controller and written to the configuration secret. - False: the controller rejected the configuration due to an error. - Unknown: the operator couldn’t determine the condition status. |
"Available" |
Available indicates whether enough pods are ready to provide the service. The possible status values for this condition type are: - True: all pods are running and ready, the service is fully available. - Degraded: some pods aren’t ready, the service is partially available. - False: no pods are running, the service is totally unavailable. - Unknown: the operator couldn’t determine the condition status. |
"Reconciled" |
Reconciled indicates whether the operator has reconciled the state of the underlying resources with the object’s spec. The possible status values for this condition type are: - True: the reconciliation was successful. - False: the reconciliation failed. - Unknown: the operator couldn’t determine the condition status. |
ConfigResourceCondition
(Appears on:WorkloadBinding)
ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, Alertmanager, or ThanosRuler.
| Field | Description |
|---|---|
typeConditionType |
Type of the condition being reported. Currently, only “Accepted” is supported. |
statusConditionStatus |
Status of the condition. |
lastTransitionTimeKubernetes meta/v1.Time |
LastTransitionTime is the time of the last update to the current status property. |
reasonstring |
(Optional)
Reason for the condition’s last transition. |
messagestring |
(Optional)
Human-readable message indicating details for the condition’s last transition. |
observedGenerationint64 |
ObservedGeneration represents the .metadata.generation that the
condition was set based upon. For instance, if |
ConfigResourceStatus
(Appears on:ServiceMonitor)
ConfigResourceStatus is the most recent observed status of the Configuration Resource (ServiceMonitor, PodMonitor and Probes). Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
bindings[]WorkloadBinding |
(Optional)
The list of workload resources (Prometheus or PrometheusAgent) which select the configuration resource. |
CoreV1TopologySpreadConstraint
(Appears on:TopologySpreadConstraint)
| Field | Description |
|---|---|
maxSkewint32 |
MaxSkew describes the degree to which pods may be unevenly distributed.
When |
topologyKeystring |
TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a “bucket”, and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is “kubernetes.io/hostname”, each Node is a domain of that topology. And, if TopologyKey is “topology.kubernetes.io/zone”, each zone is a domain of that topology. It’s a required field. |
whenUnsatisfiableKubernetes core/v1.UnsatisfiableConstraintAction |
WhenUnsatisfiable indicates how to deal with a pod if it doesn’t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered “Unsatisfiable” for an incoming pod if and only if every possible node assignment for that pod would violate “MaxSkew” on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won’t make it more imbalanced. It’s a required field. |
labelSelectorKubernetes meta/v1.LabelSelector |
(Optional)
LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. |
minDomainsint32 |
(Optional)
MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats “global minimum” as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won’t schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so “global minimum” is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. |
nodeAffinityPolicyKubernetes core/v1.NodeInclusionPolicy |
(Optional)
NodeAffinityPolicy indicates how we will treat Pod’s nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. |
nodeTaintsPolicyKubernetes core/v1.NodeInclusionPolicy |
(Optional)
NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. |
matchLabelKeys[]string |
(Optional)
MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn’t set. Keys that don’t exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). |
DNSPolicy
(string alias)
(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)
DNSPolicy specifies the DNS policy for the pod.
| Value | Description |
|---|---|
"ClusterFirst" |
DNSClusterFirst indicates that the pod should use cluster DNS first unless hostNetwork is true, if it is available, then fall back on the default (as determined by kubelet) DNS settings. |
"ClusterFirstWithHostNet" |
DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS first, if it is available, then fall back on the default (as determined by kubelet) DNS settings. |
"Default" |
DNSDefault indicates that the pod should use the default (as determined by kubelet) DNS settings. |
"None" |
DNSNone indicates that the pod should use empty DNS settings. DNS parameters such as nameservers and search paths should be defined via DNSConfig. |
Duration
(string alias)
(Appears on:AlertmanagerEndpoints, AlertmanagerGlobalConfig, CommonPrometheusFields, Endpoint, MetadataConfig, PodMetricsEndpoint, ProbeSpec, PrometheusSpec, PrometheusTracingConfig, QuerySpec, QueueConfig, RemoteReadSpec, RemoteWriteSpec, RetainConfig, Rule, RuleGroup, TSDBSpec, ThanosRulerSpec, ThanosSpec, AzureSDConfig, ConsulSDConfig, DNSSDConfig, DigitalOceanSDConfig, DockerSDConfig, DockerSwarmSDConfig, EC2SDConfig, EurekaSDConfig, FileSDConfig, GCESDConfig, HTTPSDConfig, HetznerSDConfig, IonosSDConfig, KumaSDConfig, LightSailSDConfig, LinodeSDConfig, NomadSDConfig, OVHCloudSDConfig, OpenStackSDConfig, PuppetDBSDConfig, PushoverConfig, ScalewaySDConfig, ScrapeConfigSpec, WebhookConfig, PushoverConfig, WebhookConfig)
Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function.
Supported units: y, w, d, h, m, s, ms
Examples: 30s, 1m, 1h20m15s, 15d
EmbeddedObjectMetadata
(Appears on:AlertmanagerSpec, CommonPrometheusFields, EmbeddedPersistentVolumeClaim, ThanosRulerSpec)
EmbeddedObjectMetadata contains a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta Only fields which are relevant to embedded resources are included.
| Field | Description |
|---|---|
namestring |
(Optional)
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/ |
labelsmap[string]string |
(Optional)
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ |
annotationsmap[string]string |
(Optional)
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ |
EmbeddedPersistentVolumeClaim
(Appears on:StorageSpec)
EmbeddedPersistentVolumeClaim is an embedded version of k8s.io/api/core/v1.PersistentVolumeClaim. It contains TypeMeta and a reduced ObjectMeta.
| Field | Description | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
metadataEmbeddedObjectMetadata |
EmbeddedMetadata contains metadata relevant to an EmbeddedResource. |
||||||||||||||||||
specKubernetes core/v1.PersistentVolumeClaimSpec |
(Optional)
Defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
|
||||||||||||||||||
statusKubernetes core/v1.PersistentVolumeClaimStatus |
(Optional)
Deprecated: this field is never set. |
EnableFeature
(string alias)
(Appears on:CommonPrometheusFields)
Endpoint
(Appears on:ServiceMonitorSpec)
Endpoint defines an endpoint serving Prometheus metrics to be scraped by Prometheus.
| Field | Description |
|---|---|
portstring |
Name of the Service port which this endpoint refers to. It takes precedence over |
targetPortk8s.io/apimachinery/pkg/util/intstr.IntOrString |
(Optional)
Name or number of the target port of the |
pathstring |
HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. |
schemestring |
HTTP scheme to use for scraping.
If empty, Prometheus uses the default value |
paramsmap[string][]string |
params define optional HTTP URL parameters. |
intervalDuration |
Interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. |
scrapeTimeoutDuration |
Timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
tlsConfigTLSConfig |
(Optional)
TLS configuration to use when scraping the target. |
bearerTokenFilestring |
File to read bearer token for scraping the target. Deprecated: use |
bearerTokenSecretKubernetes core/v1.SecretKeySelector |
(Optional)
Deprecated: use |
authorizationSafeAuthorization |
(Optional)
Cannot be set at the same time as |
honorLabelsbool |
When true, |
honorTimestampsbool |
(Optional)
|
trackTimestampsStalenessbool |
(Optional)
It requires Prometheus >= v2.48.0. |
basicAuthBasicAuth |
(Optional)
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
It requires Prometheus >= 2.27.0. Cannot be set at the same time as |
metricRelabelings[]RelabelConfig |
(Optional)
|
relabelings[]RelabelConfig |
(Optional)
The Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job’s name is available via the More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
|
enableHttp2bool |
(Optional)
|
filterRunningbool |
(Optional)
When true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase |
Exemplars
(Appears on:PrometheusSpec)
| Field | Description |
|---|---|
maxSizeint64 |
(Optional)
Maximum number of exemplars stored in memory for all series. exemplar-storage itself must be enabled using the If not set, Prometheus uses its default value. A value of zero or less than zero disables the storage. |
GlobalJiraConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalJiraConfig configures global Jira parameters.
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default Jira API URL. It requires Alertmanager >= v0.28.0. |
GlobalRocketChatConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalRocketChatConfig configures global Rocket Chat parameters.
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default Rocket Chat API URL. It requires Alertmanager >= v0.28.0. |
tokenKubernetes core/v1.SecretKeySelector |
(Optional)
The default Rocket Chat token. It requires Alertmanager >= v0.28.0. |
tokenIDKubernetes core/v1.SecretKeySelector |
(Optional)
The default Rocket Chat Token ID. It requires Alertmanager >= v0.28.0. |
GlobalSMTPConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalSMTPConfig configures global SMTP parameters. See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file
| Field | Description |
|---|---|
fromstring |
(Optional)
The default SMTP From header field. |
smartHostHostPort |
(Optional)
The default SMTP smarthost used for sending emails. |
hellostring |
(Optional)
The default hostname to identify to the SMTP server. |
authUsernamestring |
(Optional)
SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn’t authenticate to the SMTP server. |
authPasswordKubernetes core/v1.SecretKeySelector |
(Optional)
SMTP Auth using LOGIN and PLAIN. |
authIdentitystring |
(Optional)
SMTP Auth using PLAIN |
authSecretKubernetes core/v1.SecretKeySelector |
(Optional)
SMTP Auth using CRAM-MD5. |
requireTLSbool |
(Optional)
The default SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. |
tlsConfigSafeTLSConfig |
(Optional)
The default TLS configuration for SMTP receivers |
GlobalTelegramConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalTelegramConfig configures global Telegram parameters.
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default Telegram API URL. It requires Alertmanager >= v0.24.0. |
GlobalVictorOpsConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalVictorOpsConfig configures global VictorOps parameters.
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default VictorOps API URL. |
apiKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The default VictorOps API Key. |
GlobalWeChatConfig
(Appears on:AlertmanagerGlobalConfig)
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default WeChat API URL. The default value is “https://qyapi.weixin.qq.com/cgi-bin/” |
apiSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The default WeChat API Secret. |
apiCorpIDstring |
(Optional)
The default WeChat API Corporate ID. |
GlobalWebexConfig
(Appears on:AlertmanagerGlobalConfig)
GlobalWebexConfig configures global Webex parameters. See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file
| Field | Description |
|---|---|
apiURLURL |
(Optional)
The default Webex API URL. It requires Alertmanager >= v0.25.0. |
GoDuration
(string alias)
(Appears on:AlertmanagerSpec)
GoDuration is a valid time duration that can be parsed by Go’s time.ParseDuration() function.
Supported units: h, m, s, ms
Examples: 45ms, 30s, 1m, 1h20m15s
HTTPConfig
(Appears on:AlertmanagerGlobalConfig)
HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config
| Field | Description |
|---|---|
authorizationSafeAuthorization |
(Optional)
Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. |
basicAuthBasicAuth |
(Optional)
BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. |
oauth2OAuth2 |
(Optional)
OAuth2 client credentials used to fetch a token for the targets. |
bearerTokenSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the Alertmanager object and accessible by the Prometheus Operator. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration for the client. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
FollowRedirects specifies whether the client should follow HTTP 3xx redirects. |
HostAlias
(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
| Field | Description |
|---|---|
ipstring |
IP address of the host file entry. |
hostnames[]string |
Hostnames for the above IP address. |
HostPort
(Appears on:GlobalSMTPConfig)
HostPort represents a “host:port” network address.
| Field | Description |
|---|---|
hoststring |
Defines the host’s address, it can be a DNS name or a literal IP address. |
portstring |
Defines the host’s port, it can be a literal port number or a port name. |
LabelName
(string alias)
(Appears on:RelabelConfig)
LabelName is a valid Prometheus label name which may only contain ASCII letters, numbers, as well as underscores.
ManagedIdentity
(Appears on:AzureAD)
ManagedIdentity defines the Azure User-assigned Managed identity.
| Field | Description |
|---|---|
clientIdstring |
The client id |
MetadataConfig
(Appears on:RemoteWriteSpec)
MetadataConfig configures the sending of series metadata to the remote storage.
| Field | Description |
|---|---|
sendbool |
Defines whether metric metadata is sent to the remote storage or not. |
sendIntervalDuration |
Defines how frequently metric metadata is sent to the remote storage. |
maxSamplesPerSendint32 |
(Optional)
MaxSamplesPerSend is the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. |
NameEscapingSchemeOptions
(string alias)
(Appears on:CommonPrometheusFields, ScrapeConfigSpec)
Specifies the character escaping scheme that will be applied when scraping for metric and label names that do not conform to the legacy Prometheus character set.
Supported values are:
AllowUTF8, full UTF-8 support, no escaping needed.Underscores, legacy-invalid characters are escaped to underscores.Dots, dot characters are escaped to_dot_, underscores to__, and all other legacy-invalid characters to underscores.Values, the string is prefixed byU__and all invalid characters are escaped to their unicode value, surrounded by underscores.
| Value | Description |
|---|---|
"AllowUTF8" |
|
"Dots" |
|
"Underscores" |
|
"Values" |
NameValidationSchemeOptions
(string alias)
(Appears on:CommonPrometheusFields, ScrapeConfigSpec)
Specifies the validation scheme for metric and label names.
Supported values are:
- UTF8NameValidationScheme for UTF-8 support.
- LegacyNameValidationScheme for letters, numbers, colons, and underscores.
Note that LegacyNameValidationScheme cannot be used along with the
OpenTelemetry NoUTF8EscapingWithSuffixes translation strategy (if
enabled).
| Value | Description |
|---|---|
"Legacy" |
|
"UTF8" |
NamespaceSelector
(Appears on:PodMonitorSpec, ProbeTargetIngress, ServiceMonitorSpec)
NamespaceSelector is a selector for selecting either all namespaces or a
list of namespaces.
If any is true, it takes precedence over matchNames.
If matchNames is empty and any is false, it means that the objects are
selected from the current namespace.
| Field | Description |
|---|---|
anybool |
Boolean describing whether all namespaces are selected in contrast to a list restricting them. |
matchNames[]string |
List of namespace names to select from. |
NativeHistogramConfig
(Appears on:PodMonitorSpec, ProbeSpec, ServiceMonitorSpec, ScrapeConfigSpec)
NativeHistogramConfig extends the native histogram configuration settings.
| Field | Description |
|---|---|
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. |
nativeHistogramBucketLimituint64 |
(Optional)
If there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. |
nativeHistogramMinBucketFactork8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
If the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. |
NonEmptyDuration
(string alias)
(Appears on:Rule)
NonEmptyDuration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function.
Compared to Duration, NonEmptyDuration enforces a minimum length of 1.
Supported units: y, w, d, h, m, s, ms
Examples: 30s, 1m, 1h20m15s, 15d
OAuth2
(Appears on:Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, RemoteReadSpec, RemoteWriteSpec, AzureSDConfig, ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, DockerSwarmSDConfig, EurekaSDConfig, HTTPConfig, HTTPSDConfig, HetznerSDConfig, IonosSDConfig, KubernetesSDConfig, KumaSDConfig, LightSailSDConfig, LinodeSDConfig, NomadSDConfig, PuppetDBSDConfig, ScrapeConfigSpec, HTTPConfig)
OAuth2 configures OAuth2 settings.
| Field | Description |
|---|---|
clientIdSecretOrConfigMap |
|
clientSecretKubernetes core/v1.SecretKeySelector |
|
tokenUrlstring |
|
scopes[]string |
|
endpointParamsmap[string]string |
(Optional)
|
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
OAuth2ValidationError
| Field | Description |
|---|---|
errstring |
OTLPConfig
(Appears on:CommonPrometheusFields)
OTLPConfig is the configuration for writing to the OTLP endpoint.
| Field | Description |
|---|---|
promoteResourceAttributes[]string |
(Optional)
List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. |
translationStrategyTranslationStrategyOption |
(Optional)
Configures how the OTLP receiver endpoint translates the incoming metrics. It requires Prometheus >= v3.0.0. |
keepIdentifyingResourceAttributesbool |
(Optional)
Enables adding It requires Prometheus >= v3.1.0. |
convertHistogramsToNHCBbool |
(Optional)
Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. It requires Prometheus >= v3.4.0. |
ObjectReference
(Appears on:CommonPrometheusFields, ThanosRulerSpec)
ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object.
| Field | Description |
|---|---|
groupstring |
(Optional)
Group of the referent. When not specified, it defaults to |
resourcestring |
Resource of the referent. |
namespacestring |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
namestring |
(Optional)
Name of the referent. When not set, all resources in the namespace are matched. |
PodDNSConfig
(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)
PodDNSConfig defines the DNS parameters of a pod in addition to those generated from DNSPolicy.
| Field | Description |
|---|---|
nameservers[]string |
A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. |
searches[]string |
A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. |
options[]PodDNSConfigOption |
A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. |
PodDNSConfigOption
(Appears on:PodDNSConfig)
PodDNSConfigOption defines DNS resolver options of a pod.
| Field | Description |
|---|---|
namestring |
Name is required and must be unique. |
valuestring |
Value is optional. |
PodMetricsEndpoint
(Appears on:PodMonitorSpec)
PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by Prometheus.
| Field | Description |
|---|---|
portstring |
(Optional)
The It takes precedence over the |
portNumberint32 |
(Optional)
The |
targetPortk8s.io/apimachinery/pkg/util/intstr.IntOrString |
Name or number of the target port of the Deprecated: use ‘port’ or ‘portNumber’ instead. |
pathstring |
HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. |
schemestring |
HTTP scheme to use for scraping.
If empty, Prometheus uses the default value |
paramsmap[string][]string |
|
intervalDuration |
Interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. |
scrapeTimeoutDuration |
Timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use when scraping the target. |
bearerTokenSecretKubernetes core/v1.SecretKeySelector |
(Optional)
Deprecated: use |
honorLabelsbool |
When true, |
honorTimestampsbool |
(Optional)
|
trackTimestampsStalenessbool |
(Optional)
It requires Prometheus >= v2.48.0. |
basicAuthBasicAuth |
(Optional)
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
It requires Prometheus >= 2.27.0. Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Cannot be set at the same time as |
metricRelabelings[]RelabelConfig |
(Optional)
|
relabelings[]RelabelConfig |
(Optional)
The Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job’s name is available via the More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
|
enableHttp2bool |
(Optional)
|
filterRunningbool |
(Optional)
When true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase |
PodMonitorSpec
(Appears on:PodMonitor)
PodMonitorSpec contains specification parameters for a PodMonitor.
| Field | Description |
|---|---|
jobLabelstring |
The label to use to retrieve the job name from.
For example if If the value of this field is empty, the |
podTargetLabels[]string |
|
podMetricsEndpoints[]PodMetricsEndpoint |
(Optional)
Defines how to scrape metrics from the selected pods. |
selectorKubernetes meta/v1.LabelSelector |
Label selector to select the Kubernetes |
selectorMechanismSelectorMechanism |
(Optional)
Mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. It requires Prometheus >= v2.17.0. |
namespaceSelectorNamespaceSelector |
|
sampleLimituint64 |
(Optional)
|
targetLimituint64 |
(Optional)
|
scrapeProtocols[]ScrapeProtocol |
(Optional)
If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. |
fallbackScrapeProtocolScrapeProtocol |
(Optional)
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. |
nativeHistogramBucketLimituint64 |
(Optional)
If there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. |
nativeHistogramMinBucketFactork8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
If the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. |
attachMetadataAttachMetadata |
(Optional)
It requires Prometheus >= v2.35.0. |
scrapeClassstring |
(Optional)
The scrape class to apply. |
bodySizeLimitByteSize |
(Optional)
When defined, bodySizeLimit specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. |
ProbeSpec
(Appears on:Probe)
ProbeSpec contains specification parameters for a Probe.
| Field | Description |
|---|---|
jobNamestring |
The job name assigned to scraped metrics by default. |
proberProberSpec |
Specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty. |
modulestring |
The module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml |
targetsProbeTargets |
Targets defines a set of static or dynamically discovered targets to probe. |
intervalDuration |
Interval at which targets are probed using the configured prober. If not specified Prometheus’ global scrape interval is used. |
scrapeTimeoutDuration |
Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape timeout is used. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
tlsConfigSafeTLSConfig |
TLS configuration to use when scraping the endpoint. |
bearerTokenSecretKubernetes core/v1.SecretKeySelector |
Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator. |
basicAuthBasicAuth |
BasicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint |
oauth2OAuth2 |
OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. |
metricRelabelings[]RelabelConfig |
MetricRelabelConfigs to apply to samples before ingestion. |
authorizationSafeAuthorization |
Authorization section for this endpoint |
sampleLimituint64 |
(Optional)
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. |
targetLimituint64 |
(Optional)
TargetLimit defines a limit on the number of scraped targets that will be accepted. |
scrapeProtocols[]ScrapeProtocol |
(Optional)
If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. |
fallbackScrapeProtocolScrapeProtocol |
(Optional)
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. |
nativeHistogramBucketLimituint64 |
(Optional)
If there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. |
nativeHistogramMinBucketFactork8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
If the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. |
scrapeClassstring |
(Optional)
The scrape class to apply. |
ProbeTargetIngress
(Appears on:ProbeTargets)
ProbeTargetIngress defines the set of Ingress objects considered for probing. The operator configures a target for each host/path combination of each ingress object.
| Field | Description |
|---|---|
selectorKubernetes meta/v1.LabelSelector |
Selector to select the Ingress objects. |
namespaceSelectorNamespaceSelector |
From which namespaces to select Ingress objects. |
relabelingConfigs[]RelabelConfig |
RelabelConfigs to apply to the label set of the target before it gets
scraped.
The original ingress address is available via the
|
ProbeTargetStaticConfig
(Appears on:ProbeTargets)
ProbeTargetStaticConfig defines the set of static targets considered for probing.
| Field | Description |
|---|---|
static[]string |
The list of hosts to probe. |
labelsmap[string]string |
Labels assigned to all metrics scraped from the targets. |
relabelingConfigs[]RelabelConfig |
RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config |
ProbeTargets
(Appears on:ProbeSpec)
ProbeTargets defines how to discover the probed targets.
One of the staticConfig or ingress must be defined.
If both are defined, staticConfig takes precedence.
| Field | Description |
|---|---|
staticConfigProbeTargetStaticConfig |
staticConfig defines the static list of targets to probe and the
relabeling configuration.
If |
ingressProbeTargetIngress |
ingress defines the Ingress objects to probe and the relabeling
configuration.
If |
ProbeTargetsValidationError
ProbeTargetsValidationError is returned by ProbeTargets.Validate() on semantically invalid configurations.
| Field | Description |
|---|---|
errstring |
ProberSpec
(Appears on:ProbeSpec)
ProberSpec contains specification parameters for the Prober used for probing.
| Field | Description |
|---|---|
urlstring |
Mandatory URL of the prober. |
schemestring |
HTTP scheme to use for scraping.
|
pathstring |
Path to collect metrics from.
Defaults to |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
PrometheusRuleExcludeConfig
(Appears on:PrometheusSpec, ThanosRulerSpec)
PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored while enforcing namespace label for alerts and metrics.
| Field | Description |
|---|---|
ruleNamespacestring |
Namespace of the excluded PrometheusRule object. |
ruleNamestring |
Name of the excluded PrometheusRule object. |
PrometheusRuleSpec
(Appears on:PrometheusRule)
PrometheusRuleSpec contains specification parameters for a Rule.
| Field | Description |
|---|---|
groups[]RuleGroup |
Content of Prometheus rule file |
PrometheusSpec
(Appears on:Prometheus)
PrometheusSpec is a specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
podMetadataEmbeddedObjectMetadata |
PodMetadata configures labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * “prometheus” label, set to the name of the Prometheus object. * “app.kubernetes.io/instance” label, set to the name of the Prometheus object. * “app.kubernetes.io/managed-by” label, set to “prometheus-operator”. * “app.kubernetes.io/name” label, set to “prometheus”. * “app.kubernetes.io/version” label, set to the Prometheus version. * “operator.prometheus.io/name” label, set to the name of the Prometheus object. * “operator.prometheus.io/shard” label, set to the shard number of the Prometheus object. * “kubectl.kubernetes.io/default-container” annotation, set to “prometheus”. |
serviceMonitorSelectorKubernetes meta/v1.LabelSelector |
ServiceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
serviceMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
podMonitorSelectorKubernetes meta/v1.LabelSelector |
PodMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
podMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
probeSelectorKubernetes meta/v1.LabelSelector |
Probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
probeNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. |
scrapeConfigSelectorKubernetes meta/v1.LabelSelector |
(Optional)
ScrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
scrapeConfigNamespaceSelectorKubernetes meta/v1.LabelSelector |
(Optional)
Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
versionstring |
Version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of Prometheus available at the time when the version of the operator was released. |
pausedbool |
When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. |
imagestring |
(Optional)
Container image name for Prometheus. If specified, it takes precedence
over the Specifying If neither |
imagePullPolicyKubernetes core/v1.PullPolicy |
Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
imagePullSecrets[]Kubernetes core/v1.LocalObjectReference |
An optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod |
replicasint32 |
(Optional)
Number of replicas of each shard to deploy for a Prometheus deployment.
Default: 1 |
shardsint32 |
Number of shards to distribute the scraped targets onto.
When not defined, the operator assumes only one shard. Note that scaling down shards will not reshard data onto the remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use either * Thanos sidecar + querier for query federation and Thanos Ruler for rules. * Remote-write to send metrics to a central location. By default, the sharding of targets is performed on:
* The Users can define their own sharding implementation by setting the
You can also disable sharding on a specific target by setting the
|
replicaExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the replica name.
The external label will not be added when the field is set to the
empty string ( Default: “prometheus_replica” |
prometheusExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the Prometheus instance
name. The external label will not be added when the field is set to
the empty string ( Default: “prometheus” |
logLevelstring |
Log level for Prometheus and the config-reloader sidecar. |
logFormatstring |
Log format for Log level for Prometheus and the config-reloader sidecar. |
scrapeIntervalDuration |
Interval between consecutive scrapes. Default: “30s” |
scrapeTimeoutDuration |
Number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
scrapeProtocols[]ScrapeProtocol |
(Optional)
The protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0.
|
externalLabelsmap[string]string |
The labels to add to any time series or alerts when communicating with
external systems (federation, remote storage, Alertmanager).
Labels defined by |
enableRemoteWriteReceiverbool |
Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver It requires Prometheus >= v2.33.0. |
enableOTLPReceiverbool |
(Optional)
Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if It requires Prometheus >= v2.47.0. |
remoteWriteReceiverMessageVersions[]RemoteWriteMessageVersion |
(Optional)
List of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. |
enableFeatures[]EnableFeature |
(Optional)
Enable access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ |
externalUrlstring |
The external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). |
routePrefixstring |
The route prefix Prometheus registers HTTP handlers for. This is useful when using |
storageStorageSpec |
Storage defines the storage used by Prometheus. |
volumes[]Kubernetes core/v1.Volume |
Volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
VolumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the ‘prometheus’ container, that are generated as a result of StorageSpec objects. |
persistentVolumeClaimRetentionPolicyKubernetes apps/v1.StatefulSetPersistentVolumeClaimRetentionPolicy |
(Optional)
The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. |
webPrometheusWebSpec |
Defines the configuration of the Prometheus web server. |
resourcesKubernetes core/v1.ResourceRequirements |
Defines the resources requests and limits of the ‘prometheus’ container. |
nodeSelectormap[string]string |
Defines on which Nodes the Pods are scheduled. |
serviceAccountNamestring |
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. |
automountServiceAccountTokenbool |
(Optional)
AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. If the field isn’t set, the operator mounts the service account token by default. Warning: be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. It is possible to use strategic merge patch to project the service account token into the ‘prometheus’ container. |
secrets[]string |
Secrets is a list of Secrets in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each Secret is added to the StatefulSet definition as a volume named |
configMaps[]string |
ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each ConfigMap is added to the StatefulSet definition as a volume named |
affinityKubernetes core/v1.Affinity |
(Optional)
Defines the Pods’ affinity scheduling rules if specified. |
tolerations[]Kubernetes core/v1.Toleration |
(Optional)
Defines the Pods’ tolerations if specified. |
topologySpreadConstraints[]TopologySpreadConstraint |
(Optional)
Defines the pod’s topology spread constraints if specified. |
remoteWrite[]RemoteWriteSpec |
(Optional)
Defines the list of remote write configurations. |
otlpOTLPConfig |
(Optional)
Settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. |
securityContextKubernetes core/v1.PodSecurityContext |
(Optional)
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. |
dnsPolicyDNSPolicy |
(Optional)
Defines the DNS policy for the pods. |
dnsConfigPodDNSConfig |
(Optional)
Defines the DNS configuration for the pods. |
listenLocalbool |
When true, the Prometheus server listens on the loopback address instead of the Pod IP’s address. |
enableServiceLinksbool |
(Optional)
Indicates whether information about services should be injected into pod’s environment variables |
containers[]Kubernetes core/v1.Container |
(Optional)
Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The names of containers managed by the operator are:
* Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
initContainers[]Kubernetes core/v1.Container |
(Optional)
InitContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The names of init container name managed by the operator are:
* Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
additionalScrapeConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. |
apiserverConfigAPIServerConfig |
(Optional)
APIServerConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. |
priorityClassNamestring |
Priority class assigned to the Pods. |
portNamestring |
Port name used for the pods and governing service. Default: “web” |
arbitraryFSAccessThroughSMsArbitraryFSAccessThroughSMsConfig |
When true, ServiceMonitor, PodMonitor and Probe object are forbidden to
reference arbitrary files on the file system of the ‘prometheus’
container.
When a ServiceMonitor’s endpoint specifies a |
overrideHonorLabelsbool |
When true, Prometheus resolves label conflicts by renaming the labels in the scraped data
to “exported_” for all targets created from ServiceMonitor, PodMonitor and
ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
In practice, |
overrideHonorTimestampsbool |
When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. |
ignoreNamespaceSelectorsbool |
When true, |
enforcedNamespaceLabelstring |
When not empty, a label will be added to:
The label will not added for objects referenced in The label’s name is this field’s value.
The label’s value is the namespace of the |
enforcedSampleLimituint64 |
(Optional)
When defined, enforcedSampleLimit specifies a global limit on the number
of scraped samples that will be accepted. This overrides any
It is meant to be used by admins to keep the overall number of samples/series under a desired limit. When both |
enforcedTargetLimituint64 |
(Optional)
When defined, enforcedTargetLimit specifies a global limit on the number
of scraped targets. The value overrides any It is meant to be used by admins to to keep the overall number of targets under a desired limit. When both |
enforcedLabelLimituint64 |
(Optional)
When defined, enforcedLabelLimit specifies a global limit on the number
of labels per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelNameLengthLimituint64 |
(Optional)
When defined, enforcedLabelNameLengthLimit specifies a global limit on the length
of labels name per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelValueLengthLimituint64 |
(Optional)
When not null, enforcedLabelValueLengthLimit defines a global limit on the length
of labels value per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedKeepDroppedTargetsuint64 |
(Optional)
When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets
dropped by relabeling that will be kept in memory. The value overrides
any It requires Prometheus >= v2.47.0. When both |
enforcedBodySizeLimitByteSize |
When defined, enforcedBodySizeLimit specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. It requires Prometheus >= v2.28.0. When both |
nameValidationSchemeNameValidationSchemeOptions |
(Optional)
Specifies the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. |
nameEscapingSchemeNameEscapingSchemeOptions |
(Optional)
Specifies the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. It requires Prometheus >= v3.4.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v3.5.0. |
minReadySecondsuint32 |
(Optional)
Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. |
hostAliases[]HostAlias |
(Optional)
Optional list of hosts and IPs that will be injected into the Pod’s hosts file if specified. |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the ‘prometheus’ container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged. |
walCompressionbool |
(Optional)
Configures compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. |
excludedFromEnforcement[]ObjectReference |
(Optional)
List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if |
hostNetworkbool |
Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). When hostNetwork is enabled, this will set the DNS policy to
|
podTargetLabels[]string |
(Optional)
PodTargetLabels are appended to the |
tracingConfigPrometheusTracingConfig |
(Optional)
TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way. |
bodySizeLimitByteSize |
(Optional)
BodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedBodySizeLimit. |
sampleLimituint64 |
(Optional)
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit. |
targetLimituint64 |
(Optional)
TargetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedTargetLimit. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelLimit. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelNameLengthLimit. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelValueLengthLimit. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedKeepDroppedTargets. |
reloadStrategyReloadStrategyType |
(Optional)
Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. |
maximumStartupDurationSecondsint32 |
(Optional)
Defines the maximum time that the |
scrapeClasses[]ScrapeClass |
List of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an experimental feature, it may change in any upcoming release in a breaking way. |
serviceDiscoveryRoleServiceDiscoveryRole |
(Optional)
Defines the service discovery role used to discover targets from
If set, the value should be either “Endpoints” or “EndpointSlice”. If unset, the operator assumes the “Endpoints” role. |
tsdbTSDBSpec |
(Optional)
Defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. |
scrapeFailureLogFilestring |
(Optional)
File to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. ‘file.log’, The Prometheus Pods
will mount the file into an emptyDir volume at |
serviceNamestring |
(Optional)
The name of the service name used by the underlying StatefulSet(s) as the governing service.
If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels.
If empty, the operator will create and manage a headless service named |
runtimeRuntimeConfig |
(Optional)
RuntimeConfig configures the values for the Prometheus process behavior |
terminationGracePeriodSecondsint64 |
(Optional)
Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. Defaults to 600 seconds. |
baseImagestring |
Deprecated: use ‘spec.image’ instead. |
tagstring |
Deprecated: use ‘spec.image’ instead. The image’s tag can be specified as part of the image name. |
shastring |
Deprecated: use ‘spec.image’ instead. The image’s digest can be specified as part of the image name. |
retentionDuration |
How long to retain the Prometheus data. Default: “24h” if |
retentionSizeByteSize |
Maximum number of bytes used by the Prometheus data. |
shardRetentionPolicyShardRetentionPolicy |
(Optional)
ShardRetentionPolicy defines the retention policy for the Prometheus shards. (Alpha) Using this field requires the ‘PrometheusShardRetentionPolicy’ feature gate to be enabled. The final goals for this feature can be seen at https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/proposals/202310-shard-autoscaling.md#graceful-scale-down-of-prometheus-servers, however, the feature is not yet fully implemented in this PR. The limitation being: * Retention duration is not settable, for now, shards are retained forever. |
disableCompactionbool |
When true, the Prometheus compaction is disabled.
When |
rulesRules |
Defines the configuration of the Prometheus rules’ engine. |
prometheusRulesExcludedFromEnforce[]PrometheusRuleExcludeConfig |
(Optional)
Defines the list of PrometheusRule objects to which the namespace label
enforcement doesn’t apply.
This is only relevant when |
ruleSelectorKubernetes meta/v1.LabelSelector |
(Optional)
PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. |
ruleNamespaceSelectorKubernetes meta/v1.LabelSelector |
(Optional)
Namespaces to match for PrometheusRule discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. |
queryQuerySpec |
(Optional)
QuerySpec defines the configuration of the Promethus query service. |
alertingAlertingSpec |
(Optional)
Defines the settings related to Alertmanager. |
additionalAlertRelabelConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
AdditionalAlertRelabelConfigs specifies a key of a Secret containing additional Prometheus alert relabel configurations. The alert relabel configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs The user is responsible for making sure that the configurations are valid Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade. |
additionalAlertManagerConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
AdditionalAlertManagerConfigs specifies a key of a Secret containing additional Prometheus Alertmanager configurations. The Alertmanager configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config The user is responsible for making sure that the configurations are valid Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade. |
remoteRead[]RemoteReadSpec |
(Optional)
Defines the list of remote read configurations. |
thanosThanosSpec |
(Optional)
Defines the configuration of the optional Thanos sidecar. |
queryLogFilestring |
queryLogFile specifies where the file to which PromQL queries are logged. If the filename has an empty path, e.g. ‘query.log’, The Prometheus Pods
will mount the file into an emptyDir volume at |
allowOverlappingBlocksbool |
AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are enabled by default. |
exemplarsExemplars |
(Optional)
Exemplars related settings that are runtime reloadable.
It requires to enable the |
evaluationIntervalDuration |
Interval between rule evaluations. Default: “30s” |
ruleQueryOffsetDuration |
(Optional)
Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. |
enableAdminAPIbool |
Enables access to the Prometheus web admin API. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the user is advised to add additional authentication authorization via a proxy to ensure only clients authorized to perform these actions can do so. For more information: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis |
PrometheusStatus
(Appears on:Prometheus, PrometheusAgent)
PrometheusStatus is the most recent observed status of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
pausedbool |
Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. |
replicasint32 |
Total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). |
updatedReplicasint32 |
Total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. |
availableReplicasint32 |
Total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. |
unavailableReplicasint32 |
Total number of unavailable pods targeted by this Prometheus deployment. |
conditions[]Condition |
(Optional)
The current state of the Prometheus deployment. |
shardStatuses[]ShardStatus |
(Optional)
The list has one entry per shard. Each entry provides a summary of the shard status. |
shardsint32 |
Shards is the most recently observed number of shards. |
selectorstring |
The selector used to match the pods targeted by this Prometheus resource. |
PrometheusTracingConfig
(Appears on:CommonPrometheusFields)
| Field | Description |
|---|---|
clientTypestring |
(Optional)
Client used to export the traces. Supported values are |
endpointstring |
Endpoint to send the traces to. Should be provided in format :. |
samplingFractionk8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
Sets the probability a given trace will be sampled. Must be a float from 0 through 1. |
insecurebool |
(Optional)
If disabled, the client will use a secure connection. |
headersmap[string]string |
(Optional)
Key-value pairs to be used as headers associated with gRPC or HTTP requests. |
compressionstring |
(Optional)
Compression key for supported compression types. The only supported value is |
timeoutDuration |
(Optional)
Maximum time the exporter will wait for each batch export. |
tlsConfigTLSConfig |
(Optional)
TLS Config to use when sending traces. |
PrometheusWebSpec
(Appears on:CommonPrometheusFields)
PrometheusWebSpec defines the configuration of the Prometheus web server.
| Field | Description |
|---|---|
tlsConfigWebTLSConfig |
Defines the TLS parameters for HTTPS. |
httpConfigWebHTTPConfig |
Defines HTTP parameters for web server. |
pageTitlestring |
(Optional)
The prometheus web page title. |
maxConnectionsint32 |
(Optional)
Defines the maximum number of simultaneous connections A zero value means that Prometheus doesn’t accept any incoming connection. |
ProxyConfig
(Appears on:APIServerConfig, AlertmanagerEndpoints, Endpoint, HTTPConfig, OAuth2, PodMetricsEndpoint, ProberSpec, RemoteReadSpec, RemoteWriteSpec, AzureSDConfig, ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, DockerSwarmSDConfig, EC2SDConfig, EurekaSDConfig, HTTPConfig, HTTPSDConfig, HetznerSDConfig, IonosSDConfig, KubernetesSDConfig, KumaSDConfig, LightSailSDConfig, LinodeSDConfig, NomadSDConfig, PuppetDBSDConfig, ScalewaySDConfig, ScrapeConfigSpec, HTTPConfig)
| Field | Description |
|---|---|
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
QuerySpec
(Appears on:PrometheusSpec)
QuerySpec defines the query command line flags when starting Prometheus.
| Field | Description |
|---|---|
lookbackDeltastring |
(Optional)
The delta difference allowed for retrieving metrics during expression evaluations. |
maxConcurrencyint32 |
(Optional)
Number of concurrent queries that can be run at once. |
maxSamplesint32 |
(Optional)
Maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return. |
timeoutDuration |
(Optional)
Maximum time a query may take before being aborted. |
QueueConfig
(Appears on:RemoteWriteSpec)
QueueConfig allows the tuning of remote write’s queue_config parameters. This object is referenced in the RemoteWriteSpec object.
| Field | Description |
|---|---|
capacityint |
Capacity is the number of samples to buffer per shard before we start dropping them. |
minShardsint |
MinShards is the minimum number of shards, i.e. amount of concurrency. |
maxShardsint |
MaxShards is the maximum number of shards, i.e. amount of concurrency. |
maxSamplesPerSendint |
MaxSamplesPerSend is the maximum number of samples per send. |
batchSendDeadlineDuration |
(Optional)
BatchSendDeadline is the maximum time a sample will wait in buffer. |
maxRetriesint |
MaxRetries is the maximum number of times to retry a batch on recoverable errors. |
minBackoffDuration |
(Optional)
MinBackoff is the initial retry delay. Gets doubled for every retry. |
maxBackoffDuration |
(Optional)
MaxBackoff is the maximum retry delay. |
retryOnRateLimitbool |
Retry upon receiving a 429 status code from the remote-write storage. This is an experimental feature, it may change in any upcoming release in a breaking way. |
sampleAgeLimitDuration |
(Optional)
SampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. |
RelabelConfig
(Appears on:AlertmanagerEndpoints, Endpoint, PodMetricsEndpoint, ProbeSpec, ProbeTargetIngress, ProbeTargetStaticConfig, RemoteWriteSpec, ScrapeClass, ScrapeConfigSpec)
RelabelConfig allows dynamic rewriting of the label set for targets, alerts, scraped samples and remote write samples.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
| Field | Description |
|---|---|
sourceLabels[]LabelName |
(Optional)
The source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. |
separatorstring |
Separator is the string between concatenated SourceLabels. |
targetLabelstring |
Label to which the resulting string is written in a replacement. It is mandatory for Regex capture groups are available. |
regexstring |
Regular expression against which the extracted value is matched. |
modulusuint64 |
Modulus to take of the hash of the source label values. Only applicable when the action is |
replacementstring |
(Optional)
Replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. |
actionstring |
Action to perform based on the regex matching.
Default: “Replace” |
ReloadStrategyType
(string alias)
(Appears on:CommonPrometheusFields)
| Value | Description |
|---|---|
"HTTP" |
HTTPReloadStrategyType reloads the configuration using the /-/reload HTTP endpoint. |
"ProcessSignal" |
ProcessSignalReloadStrategyType reloads the configuration by sending a SIGHUP signal to the process. |
RemoteReadSpec
(Appears on:PrometheusSpec)
RemoteReadSpec defines the configuration for Prometheus to read back samples from a remote endpoint.
| Field | Description |
|---|---|
urlstring |
The URL of the endpoint to query from. |
namestring |
The name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. It requires Prometheus >= v2.15.0. |
requiredMatchersmap[string]string |
(Optional)
An optional list of equality matchers which have to be present in a selector to query the remote read endpoint. |
remoteTimeoutDuration |
(Optional)
Timeout for requests to the remote read endpoint. |
headersmap[string]string |
(Optional)
Custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can’t be overwritten. Only valid in Prometheus versions 2.26.0 and newer. |
readRecentbool |
Whether reads should be made for queries for time ranges that the local storage should have complete data for. |
oauth2OAuth2 |
(Optional)
OAuth2 configuration for the URL. It requires Prometheus >= v2.27.0. Cannot be set at the same time as |
basicAuthBasicAuth |
(Optional)
BasicAuth configuration for the URL. Cannot be set at the same time as |
bearerTokenFilestring |
File from which to read the bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using |
authorizationAuthorization |
(Optional)
Authorization section for the URL. It requires Prometheus >= v2.26.0. Cannot be set at the same time as |
bearerTokenstring |
Warning: this field shouldn’t be used because the token value appears
in clear-text. Prefer using Deprecated: this will be removed in a future release. |
tlsConfigTLSConfig |
(Optional)
TLS Config to use for the URL. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0. |
filterExternalLabelsbool |
(Optional)
Whether to use the external labels as selectors for the remote read endpoint. It requires Prometheus >= v2.34.0. |
RemoteWriteMessageVersion
(string alias)
(Appears on:CommonPrometheusFields, RemoteWriteSpec)
| Value | Description |
|---|---|
"V1.0" |
Remote Write message’s version 1.0. |
"V2.0" |
Remote Write message’s version 2.0. |
RemoteWriteSpec
(Appears on:CommonPrometheusFields, ThanosRulerSpec)
RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
| Field | Description |
|---|---|
urlstring |
The URL of the endpoint to send samples to. |
namestring |
(Optional)
The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. |
messageVersionRemoteWriteMessageVersion |
(Optional)
The Remote Write message’s version to use when writing to the endpoint.
When Before setting this field, consult with your remote storage provider what message version it supports. It requires Prometheus >= v2.54.0 or Thanos >= v0.37.0. |
sendExemplarsbool |
(Optional)
Enables sending of exemplars over remote write. Note that
exemplar-storage itself must be enabled using the It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. |
sendNativeHistogramsbool |
(Optional)
Enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. |
remoteTimeoutDuration |
(Optional)
Timeout for requests to the remote write endpoint. |
headersmap[string]string |
(Optional)
Custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can’t be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. |
writeRelabelConfigs[]RelabelConfig |
(Optional)
The list of remote write relabel configurations. |
oauth2OAuth2 |
(Optional)
OAuth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. Cannot be set at the same time as |
basicAuthBasicAuth |
(Optional)
BasicAuth configuration for the URL. Cannot be set at the same time as |
bearerTokenFilestring |
File from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using |
authorizationAuthorization |
(Optional)
Authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as |
sigv4Sigv4 |
(Optional)
Sigv4 allows to configures AWS’s Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as |
azureAdAzureAD |
(Optional)
AzureAD for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as |
bearerTokenstring |
Warning: this field shouldn’t be used because the token value appears
in clear-text. Prefer using Deprecated: this will be removed in a future release. |
tlsConfigTLSConfig |
(Optional)
TLS Config to use for the URL. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. |
queueConfigQueueConfig |
(Optional)
QueueConfig allows tuning of the remote write queue parameters. |
metadataConfigMetadataConfig |
(Optional)
MetadataConfig configures the sending of series metadata to the remote storage. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
roundRobinDNSbool |
(Optional)
When enabled: - The remote-write mechanism will resolve the hostname via DNS. - It will randomly select one of the resolved IP addresses and connect to it. When disabled (default behavior): - The Go standard library will handle hostname resolution. - It will attempt connections to each resolved IP address sequentially. Note: The connection timeout applies to the entire resolution and connection process. If disabled, the timeout is distributed across all connection attempts. It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. |
RetainConfig
(Appears on:ShardRetentionPolicy)
| Field | Description |
|---|---|
retentionPeriodDuration |
Rule
(Appears on:RuleGroup)
Rule describes an alerting or recording rule See Prometheus documentation: alerting or recording rule
| Field | Description |
|---|---|
recordstring |
Name of the time series to output to. Must be a valid metric name.
Only one of |
alertstring |
Name of the alert. Must be a valid label value.
Only one of |
exprk8s.io/apimachinery/pkg/util/intstr.IntOrString |
PromQL expression to evaluate. |
forDuration |
(Optional)
Alerts are considered firing once they have been returned for this long. |
keep_firing_forNonEmptyDuration |
(Optional)
KeepFiringFor defines how long an alert will continue firing after the condition that triggered it has cleared. |
labelsmap[string]string |
Labels to add or overwrite. |
annotationsmap[string]string |
Annotations to add to each alert. Only valid for alerting rules. |
RuleGroup
(Appears on:PrometheusRuleSpec)
RuleGroup is a list of sequentially evaluated recording and alerting rules.
| Field | Description |
|---|---|
namestring |
Name of the rule group. |
labelsmap[string]string |
(Optional)
Labels to add or overwrite before storing the result for its rules. The labels defined at the rule level take precedence. It requires Prometheus >= 3.0.0. The field is ignored for Thanos Ruler. |
intervalDuration |
(Optional)
Interval determines how often rules in the group are evaluated. |
query_offsetDuration |
(Optional)
Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler. |
rules[]Rule |
(Optional)
List of alerting and recording rules. |
partial_response_strategystring |
PartialResponseStrategy is only used by ThanosRuler and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response |
limitint |
(Optional)
Limit the number of alerts an alerting rule and series a recording rule can produce. Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24. |
Rules
(Appears on:PrometheusSpec)
| Field | Description |
|---|---|
alertRulesAlert |
Defines the parameters of the Prometheus rules’ engine. Any update to these parameters trigger a restart of the pods. |
RulesAlert
(Appears on:Rules)
| Field | Description |
|---|---|
forOutageTolerancestring |
Max time to tolerate prometheus outage for restoring ‘for’ state of alert. |
forGracePeriodstring |
Minimum duration between alert and restored ‘for’ state. This is maintained only for alerts with a configured ‘for’ time greater than the grace period. |
resendDelaystring |
Minimum amount of time to wait before resending an alert to Alertmanager. |
RuntimeConfig
(Appears on:CommonPrometheusFields)
RuntimeConfig configures the values for the process behavior.
| Field | Description |
|---|---|
goGCint32 |
(Optional)
The Go garbage collection target percentage. Lowering this number may increase the CPU usage. See: https://tip.golang.org/doc/gc-guide#GOGC |
SafeAuthorization
(Appears on:AlertmanagerEndpoints, Authorization, Endpoint, HTTPConfig, PodMetricsEndpoint, ProbeSpec, AzureSDConfig, ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, DockerSwarmSDConfig, EurekaSDConfig, HTTPConfig, HTTPSDConfig, HetznerSDConfig, IonosSDConfig, KubernetesSDConfig, KumaSDConfig, LightSailSDConfig, LinodeSDConfig, NomadSDConfig, PuppetDBSDConfig, ScrapeConfigSpec, HTTPConfig)
SafeAuthorization specifies a subset of the Authorization struct, that is safe for use because it doesn’t provide access to the Prometheus container’s filesystem.
| Field | Description |
|---|---|
typestring |
Defines the authentication type. The value is case-insensitive. “Basic” is not a supported value. Default: “Bearer” |
credentialsKubernetes core/v1.SecretKeySelector |
Selects a key of a Secret in the namespace that contains the credentials for authentication. |
SafeTLSConfig
(Appears on:ClusterTLSConfig, GlobalSMTPConfig, HTTPConfig, OAuth2, PodMetricsEndpoint, ProbeSpec, TLSConfig, AzureSDConfig, ConsulSDConfig, DigitalOceanSDConfig, DockerSDConfig, DockerSwarmSDConfig, EC2SDConfig, EmailConfig, EurekaSDConfig, HTTPConfig, HTTPSDConfig, HetznerSDConfig, IonosSDConfig, KubernetesSDConfig, KumaSDConfig, LightSailSDConfig, LinodeSDConfig, NomadSDConfig, OpenStackSDConfig, PuppetDBSDConfig, ScalewaySDConfig, ScrapeConfigSpec, EmailConfig, HTTPConfig)
SafeTLSConfig specifies safe TLS configuration parameters.
| Field | Description |
|---|---|
caSecretOrConfigMap |
Certificate authority used when verifying server certificates. |
certSecretOrConfigMap |
Client certificate to present when doing client-authentication. |
keySecretKubernetes core/v1.SecretKeySelector |
Secret containing the client key file for the targets. |
serverNamestring |
(Optional)
Used to verify the hostname for the targets. |
insecureSkipVerifybool |
(Optional)
Disable target certificate validation. |
minVersionTLSVersion |
(Optional)
Minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. |
maxVersionTLSVersion |
(Optional)
Maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. |
ScrapeClass
(Appears on:CommonPrometheusFields)
| Field | Description |
|---|---|
namestring |
Name of the scrape class. |
defaultbool |
(Optional)
Default indicates that the scrape applies to all scrape objects that don’t configure an explicit scrape class name. Only one scrape class can be set as the default. |
fallbackScrapeProtocolScrapeProtocol |
(Optional)
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It will only apply if the scrape resource doesn’t specify any FallbackScrapeProtocol It requires Prometheus >= v3.0.0. |
tlsConfigTLSConfig |
(Optional)
TLSConfig defines the TLS settings to use for the scrape. When the scrape objects define their own CA, certificate and/or key, they take precedence over the corresponding scrape class fields. For now only the |
authorizationAuthorization |
(Optional)
Authorization section for the ScrapeClass. It will only apply if the scrape resource doesn’t specify any Authorization. |
relabelings[]RelabelConfig |
(Optional)
Relabelings configures the relabeling rules to apply to all scrape targets. The Operator automatically adds relabelings for a few standard Kubernetes fields
like More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config |
metricRelabelings[]RelabelConfig |
(Optional)
MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. The Operator adds the scrape class metric relabelings defined here. Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. Then the Operator adds namespace enforcement relabeling rule, specified in ‘.spec.enforcedNamespaceLabel’. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs |
attachMetadataAttachMetadata |
(Optional)
AttachMetadata configures additional metadata to the discovered targets. When the scrape object defines its own configuration, it takes precedence over the scrape class configuration. |
ScrapeProtocol
(string alias)
(Appears on:CommonPrometheusFields, PodMonitorSpec, ProbeSpec, ScrapeClass, ServiceMonitorSpec, ScrapeConfigSpec)
ScrapeProtocol represents a protocol used by Prometheus for scraping metrics.
Supported values are:
* OpenMetricsText0.0.1
* OpenMetricsText1.0.0
* PrometheusProto
* PrometheusText0.0.4
* PrometheusText1.0.0
| Value | Description |
|---|---|
"OpenMetricsText0.0.1" |
|
"OpenMetricsText1.0.0" |
|
"PrometheusProto" |
|
"PrometheusText0.0.4" |
|
"PrometheusText1.0.0" |
SecretOrConfigMap
(Appears on:AlertmanagerConfiguration, OAuth2, SafeTLSConfig, WebTLSConfig)
SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive.
| Field | Description |
|---|---|
secretKubernetes core/v1.SecretKeySelector |
Secret containing data to use for the targets. |
configMapKubernetes core/v1.ConfigMapKeySelector |
ConfigMap containing data to use for the targets. |
SelectorMechanism
(string alias)
(Appears on:PodMonitorSpec, ServiceMonitorSpec)
| Value | Description |
|---|---|
"RelabelConfig" |
|
"RoleSelector" |
ServiceDiscoveryRole
(string alias)
(Appears on:CommonPrometheusFields)
| Value | Description |
|---|---|
"EndpointSlice" |
|
"Endpoints" |
ServiceMonitorSpec
(Appears on:ServiceMonitor)
ServiceMonitorSpec defines the specification parameters for a ServiceMonitor.
| Field | Description |
|---|---|
jobLabelstring |
For example if If the value of this field is empty or if the label doesn’t exist for
the given Service, the |
targetLabels[]string |
(Optional)
|
podTargetLabels[]string |
(Optional)
|
endpoints[]Endpoint |
List of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes Endpoints objects. In most cases, an Endpoints object is backed by a Kubernetes Service object with the same name and labels. |
selectorKubernetes meta/v1.LabelSelector |
Label selector to select the Kubernetes |
selectorMechanismSelectorMechanism |
(Optional)
Mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. It requires Prometheus >= v2.17.0. |
namespaceSelectorNamespaceSelector |
|
sampleLimituint64 |
(Optional)
|
scrapeProtocols[]ScrapeProtocol |
(Optional)
If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. |
fallbackScrapeProtocolScrapeProtocol |
(Optional)
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. |
targetLimituint64 |
(Optional)
|
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. |
nativeHistogramBucketLimituint64 |
(Optional)
If there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. |
nativeHistogramMinBucketFactork8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
If the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. |
attachMetadataAttachMetadata |
(Optional)
It requires Prometheus >= v2.37.0. |
scrapeClassstring |
(Optional)
The scrape class to apply. |
bodySizeLimitByteSize |
(Optional)
When defined, bodySizeLimit specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. |
ShardRetentionPolicy
(Appears on:PrometheusSpec)
| Field | Description |
|---|---|
whenScaledWhenScaledRetentionType |
(Optional)
Defines the retention policy when the Prometheus shards are scaled down.
* If not defined, the operator assumes the |
retainRetainConfig |
(Optional)
Defines the config for retention when the retention policy is set to |
ShardStatus
(Appears on:PrometheusStatus)
| Field | Description |
|---|---|
shardIDstring |
Identifier of the shard. |
replicasint32 |
Total number of pods targeted by this shard. |
updatedReplicasint32 |
Total number of non-terminated pods targeted by this shard that have the desired spec. |
availableReplicasint32 |
Total number of available pods (ready for at least minReadySeconds) targeted by this shard. |
unavailableReplicasint32 |
Total number of unavailable pods targeted by this shard. |
Sigv4
(Appears on:AlertmanagerEndpoints, RemoteWriteSpec, SNSConfig, SNSConfig)
Sigv4 optionally configures AWS’s Signature Verification 4 signing process to sign requests.
| Field | Description |
|---|---|
regionstring |
Region is the AWS region. If blank, the region from the default credentials chain used. |
accessKeyKubernetes core/v1.SecretKeySelector |
(Optional)
AccessKey is the AWS API key. If not specified, the environment variable
|
secretKeyKubernetes core/v1.SecretKeySelector |
(Optional)
SecretKey is the AWS API secret. If not specified, the environment
variable |
profilestring |
Profile is the named AWS profile used to authenticate. |
roleArnstring |
RoleArn is the named AWS profile used to authenticate. |
StorageSpec
(Appears on:AlertmanagerSpec, CommonPrometheusFields, ThanosRulerSpec)
StorageSpec defines the configured storage for a group Prometheus servers. If no storage option is specified, then by default an EmptyDir will be used.
If multiple storage options are specified, priority will be given as follows: 1. emptyDir 2. ephemeral 3. volumeClaimTemplate
| Field | Description |
|---|---|
disableMountSubPathbool |
Deprecated: subPath usage will be removed in a future release. |
emptyDirKubernetes core/v1.EmptyDirVolumeSource |
EmptyDirVolumeSource to be used by the StatefulSet.
If specified, it takes precedence over |
ephemeralKubernetes core/v1.EphemeralVolumeSource |
EphemeralVolumeSource to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes |
volumeClaimTemplateEmbeddedPersistentVolumeClaim |
Defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. |
TLSConfig
(Appears on:APIServerConfig, AlertmanagerEndpoints, Endpoint, PrometheusTracingConfig, RemoteReadSpec, RemoteWriteSpec, ScrapeClass, ThanosRulerSpec, ThanosSpec)
TLSConfig extends the safe TLS configuration with file parameters.
| Field | Description |
|---|---|
caSecretOrConfigMap |
Certificate authority used when verifying server certificates. |
certSecretOrConfigMap |
Client certificate to present when doing client-authentication. |
keySecretKubernetes core/v1.SecretKeySelector |
Secret containing the client key file for the targets. |
serverNamestring |
(Optional)
Used to verify the hostname for the targets. |
insecureSkipVerifybool |
(Optional)
Disable target certificate validation. |
minVersionTLSVersion |
(Optional)
Minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. |
maxVersionTLSVersion |
(Optional)
Maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. |
caFilestring |
Path to the CA cert in the Prometheus container to use for the targets. |
certFilestring |
Path to the client cert file in the Prometheus container for the targets. |
keyFilestring |
Path to the client key file in the Prometheus container for the targets. |
TLSVersion
(string alias)
(Appears on:SafeTLSConfig)
| Value | Description |
|---|---|
"TLS10" |
|
"TLS11" |
|
"TLS12" |
|
"TLS13" |
TSDBSpec
(Appears on:CommonPrometheusFields)
| Field | Description |
|---|---|
outOfOrderTimeWindowDuration |
(Optional)
Configures how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). This is an experimental feature, it may change in any upcoming release in a breaking way. It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. |
ThanosRulerSpec
(Appears on:ThanosRuler)
ThanosRulerSpec is a specification of the desired behavior of the ThanosRuler. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
versionstring |
(Optional)
Version of Thanos to be deployed. |
podMetadataEmbeddedObjectMetadata |
(Optional)
PodMetadata configures labels and annotations which are propagated to the ThanosRuler pods. The following items are reserved and cannot be overridden: * “app.kubernetes.io/name” label, set to “thanos-ruler”. * “app.kubernetes.io/managed-by” label, set to “prometheus-operator”. * “app.kubernetes.io/instance” label, set to the name of the ThanosRuler instance. * “thanos-ruler” label, set to the name of the ThanosRuler instance. * “kubectl.kubernetes.io/default-container” annotation, set to “thanos-ruler”. |
imagestring |
Thanos container image URL. |
imagePullPolicyKubernetes core/v1.PullPolicy |
Image pull policy for the ‘thanos’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
imagePullSecrets[]Kubernetes core/v1.LocalObjectReference |
(Optional)
An optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod |
pausedbool |
When a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects. |
replicasint32 |
(Optional)
Number of thanos ruler instances to deploy. |
nodeSelectormap[string]string |
(Optional)
Define which Nodes the Pods are scheduled on. |
resourcesKubernetes core/v1.ResourceRequirements |
Resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set |
affinityKubernetes core/v1.Affinity |
(Optional)
If specified, the pod’s scheduling constraints. |
tolerations[]Kubernetes core/v1.Toleration |
(Optional)
If specified, the pod’s tolerations. |
topologySpreadConstraints[]Kubernetes core/v1.TopologySpreadConstraint |
(Optional)
If specified, the pod’s topology spread constraints. |
securityContextKubernetes core/v1.PodSecurityContext |
(Optional)
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. |
dnsPolicyDNSPolicy |
(Optional)
Defines the DNS policy for the pods. |
dnsConfigPodDNSConfig |
(Optional)
Defines the DNS configuration for the pods. |
enableServiceLinksbool |
(Optional)
Indicates whether information about services should be injected into pod’s environment variables |
priorityClassNamestring |
Priority class assigned to the Pods |
serviceNamestring |
(Optional)
The name of the service name used by the underlying StatefulSet(s) as the governing service.
If defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels.
If empty, the operator will create and manage a headless service named |
serviceAccountNamestring |
ServiceAccountName is the name of the ServiceAccount to use to run the Thanos Ruler Pods. |
storageStorageSpec |
(Optional)
Storage spec to specify how storage shall be used. |
volumes[]Kubernetes core/v1.Volume |
(Optional)
Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
(Optional)
VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the ruler container, that are generated as a result of StorageSpec objects. |
objectStorageConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Configures object storage. The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage The operator performs no validation of the configuration.
|
objectStorageConfigFilestring |
(Optional)
Configures the path of the object storage configuration file. The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage The operator performs no validation of the configuration file. This field takes precedence over |
listenLocalbool |
ListenLocal makes the Thanos ruler listen on loopback, so that it does not bind against the Pod IP. |
queryEndpoints[]string |
(Optional)
Configures the list of Thanos Query endpoints from which to query metrics. For Thanos >= v0.11.0, it is recommended to use
|
queryConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Configures the list of Thanos Query endpoints from which to query metrics. The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api It requires Thanos >= v0.11.0. The operator performs no validation of the configuration. This field takes precedence over |
alertmanagersUrl[]string |
(Optional)
Configures the list of Alertmanager endpoints to send alerts to. For Thanos >= v0.10.0, it is recommended to use
|
alertmanagersConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Configures the list of Alertmanager endpoints to send alerts to. The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. It requires Thanos >= v0.10.0. The operator performs no validation of the configuration. This field takes precedence over |
ruleSelectorKubernetes meta/v1.LabelSelector |
(Optional)
PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. |
ruleNamespaceSelectorKubernetes meta/v1.LabelSelector |
(Optional)
Namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used. |
enforcedNamespaceLabelstring |
EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created. |
excludedFromEnforcement[]ObjectReference |
(Optional)
List of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true. |
prometheusRulesExcludedFromEnforce[]PrometheusRuleExcludeConfig |
(Optional)
PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead. |
logLevelstring |
Log level for ThanosRuler to be configured with. |
logFormatstring |
Log format for ThanosRuler to be configured with. |
portNamestring |
Port name used for the pods and governing service.
Defaults to |
evaluationIntervalDuration |
Interval between consecutive evaluations. |
ruleOutageToleranceDuration |
(Optional)
Max time to tolerate prometheus outage for restoring “for” state of alert. It requires Thanos >= v0.30.0. |
ruleQueryOffsetDuration |
(Optional)
The default rule group’s query offset duration to use. It requires Thanos >= v0.38.0. |
ruleConcurrentEvalint32 |
(Optional)
How many rules can be evaluated concurrently. It requires Thanos >= v0.37.0. |
retentionDuration |
Time duration ThanosRuler shall retain data for. Default is ‘24h’, and
must match the regular expression The field has no effect when remote-write is configured since the Ruler operates in stateless mode. |
containers[]Kubernetes core/v1.Container |
(Optional)
Containers allows injecting additional containers or modifying operator generated
containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or
to change the behavior of an operator generated container. Containers described here modify
an operator generated container if they share the same name and modifications are done via a
strategic merge patch. The current container names are: |
initContainers[]Kubernetes core/v1.Container |
(Optional)
InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ Using initContainers for any use case other then secret fetching is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
tracingConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Configures tracing. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration This is an experimental feature, it may change in any upcoming release in a breaking way. The operator performs no validation of the configuration.
|
tracingConfigFilestring |
(Optional)
Configures the path of the tracing configuration file. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration This is an experimental feature, it may change in any upcoming release in a breaking way. The operator performs no validation of the configuration file. This field takes precedence over |
labelsmap[string]string |
(Optional)
Configures the external label pairs of the ThanosRuler resource. A default replica label |
alertDropLabels[]string |
(Optional)
Configures the label names which should be dropped in Thanos Ruler alerts. The replica label |
externalPrefixstring |
The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. |
routePrefixstring |
The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path. |
grpcServerTlsConfigTLSConfig |
(Optional)
GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the ‘–grpc-server-tls-*’ CLI args. |
alertQueryUrlstring |
The external Query URL the Thanos Ruler will set in the ‘Source’ field of all alerts. Maps to the ‘–alert.query-url’ CLI arg. |
minReadySecondsuint32 |
(Optional)
Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. |
alertRelabelConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
Configures alert relabeling in Thanos Ruler. Alert relabel configuration must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs The operator performs no validation of the configuration.
|
alertRelabelConfigFilestring |
(Optional)
Configures the path to the alert relabeling configuration file. Alert relabel configuration must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs The operator performs no validation of the configuration file. This field takes precedence over |
hostAliases[]HostAlias |
Pods’ hostAliases configuration |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the ThanosRuler container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the ThanosRuler container which may cause issues if they are invalid or not supported by the given ThanosRuler version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument the reconciliation will fail and an error will be logged. |
webThanosRulerWebSpec |
(Optional)
Defines the configuration of the ThanosRuler web server. |
remoteWrite[]RemoteWriteSpec |
(Optional)
Defines the list of remote write configurations. When the list isn’t empty, the ruler is configured with stateless mode. It requires Thanos >= 0.24.0. |
terminationGracePeriodSecondsint64 |
(Optional)
Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. Defaults to 120 seconds. |
ThanosRulerStatus
(Appears on:ThanosRuler)
ThanosRulerStatus is the most recent observed status of the ThanosRuler. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
pausedbool |
Represents whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. |
replicasint32 |
Total number of non-terminated pods targeted by this ThanosRuler deployment (their labels match the selector). |
updatedReplicasint32 |
Total number of non-terminated pods targeted by this ThanosRuler deployment that have the desired version spec. |
availableReplicasint32 |
Total number of available pods (ready for at least minReadySeconds) targeted by this ThanosRuler deployment. |
unavailableReplicasint32 |
Total number of unavailable pods targeted by this ThanosRuler deployment. |
conditions[]Condition |
(Optional)
The current state of the ThanosRuler object. |
ThanosRulerWebSpec
(Appears on:ThanosRulerSpec)
ThanosRulerWebSpec defines the configuration of the ThanosRuler web server.
| Field | Description |
|---|---|
tlsConfigWebTLSConfig |
Defines the TLS parameters for HTTPS. |
httpConfigWebHTTPConfig |
Defines HTTP parameters for web server. |
ThanosSpec
(Appears on:PrometheusSpec)
ThanosSpec defines the configuration of the Thanos sidecar.
| Field | Description |
|---|---|
imagestring |
(Optional)
Container image name for Thanos. If specified, it takes precedence over
the Specifying If neither |
versionstring |
(Optional)
Version of Thanos being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream release of Thanos available at the time when the version of the operator was released. |
tagstring |
(Optional)
Deprecated: use ‘image’ instead. The image’s tag can be specified as as part of the image name. |
shastring |
(Optional)
Deprecated: use ‘image’ instead. The image digest can be specified as part of the image name. |
baseImagestring |
(Optional)
Deprecated: use ‘image’ instead. |
resourcesKubernetes core/v1.ResourceRequirements |
Defines the resources requests and limits of the Thanos sidecar. |
objectStorageConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Defines the Thanos sidecar’s configuration to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ objectStorageConfigFile takes precedence over this field. |
objectStorageConfigFilestring |
(Optional)
Defines the Thanos sidecar’s configuration file to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ This field takes precedence over objectStorageConfig. |
listenLocalbool |
Deprecated: use |
grpcListenLocalbool |
When true, the Thanos sidecar listens on the loopback interface instead of the Pod IP’s address for the gRPC endpoints. It has no effect if |
httpListenLocalbool |
When true, the Thanos sidecar listens on the loopback interface instead of the Pod IP’s address for the HTTP endpoints. It has no effect if |
tracingConfigKubernetes core/v1.SecretKeySelector |
(Optional)
Defines the tracing configuration for the Thanos sidecar.
More info: https://thanos.io/tip/thanos/tracing.md/ This is an experimental feature, it may change in any upcoming release in a breaking way. |
tracingConfigFilestring |
Defines the tracing configuration file for the Thanos sidecar. This field takes precedence over More info: https://thanos.io/tip/thanos/tracing.md/ This is an experimental feature, it may change in any upcoming release in a breaking way. |
grpcServerTlsConfigTLSConfig |
(Optional)
Configures the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the |
logLevelstring |
Log level for the Thanos sidecar. |
logFormatstring |
Log format for the Thanos sidecar. |
minTimestring |
Defines the start of time range limit served by the Thanos sidecar’s StoreAPI. The field’s value should be a constant time in RFC3339 format or a time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y. |
blockSizeDuration |
BlockDuration controls the size of TSDB blocks produced by Prometheus. The default value is 2h to match the upstream Prometheus defaults. WARNING: Changing the block duration can impact the performance and efficiency of the entire Prometheus/Thanos stack due to how it interacts with memory and Thanos compactors. It is recommended to keep this value set to a multiple of 120 times your longest scrape or rule interval. For example, 30s * 120 = 1h. |
readyTimeoutDuration |
ReadyTimeout is the maximum time that the Thanos sidecar will wait for Prometheus to start. |
getConfigIntervalDuration |
How often to retrieve the Prometheus configuration. |
getConfigTimeoutDuration |
Maximum time to wait when retrieving the Prometheus configuration. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
(Optional)
VolumeMounts allows configuration of additional VolumeMounts for Thanos. VolumeMounts specified will be appended to other VolumeMounts in the ‘thanos-sidecar’ container. |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged. |
TopologySpreadConstraint
(Appears on:CommonPrometheusFields)
| Field | Description |
|---|---|
maxSkewint32 |
MaxSkew describes the degree to which pods may be unevenly distributed.
When |
topologyKeystring |
TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a “bucket”, and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is “kubernetes.io/hostname”, each Node is a domain of that topology. And, if TopologyKey is “topology.kubernetes.io/zone”, each zone is a domain of that topology. It’s a required field. |
whenUnsatisfiableKubernetes core/v1.UnsatisfiableConstraintAction |
WhenUnsatisfiable indicates how to deal with a pod if it doesn’t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered “Unsatisfiable” for an incoming pod if and only if every possible node assignment for that pod would violate “MaxSkew” on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won’t make it more imbalanced. It’s a required field. |
labelSelectorKubernetes meta/v1.LabelSelector |
(Optional)
LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. |
minDomainsint32 |
(Optional)
MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats “global minimum” as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won’t schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so “global minimum” is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. |
nodeAffinityPolicyKubernetes core/v1.NodeInclusionPolicy |
(Optional)
NodeAffinityPolicy indicates how we will treat Pod’s nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. |
nodeTaintsPolicyKubernetes core/v1.NodeInclusionPolicy |
(Optional)
NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. |
matchLabelKeys[]string |
(Optional)
MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn’t set. Keys that don’t exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). |
additionalLabelSelectorsAdditionalLabelSelectors |
(Optional)
Defines what Prometheus Operator managed labels should be added to labelSelector on the topologySpreadConstraint. |
TranslationStrategyOption
(string alias)
(Appears on:OTLPConfig)
TranslationStrategyOption represents a translation strategy option for the OTLP endpoint.
Supported values are:
* NoUTF8EscapingWithSuffixes
* UnderscoreEscapingWithSuffixes
* NoTranslation
| Value | Description |
|---|---|
"NoTranslation" |
It requires Prometheus >= v3.4.0. |
"NoUTF8EscapingWithSuffixes" |
|
"UnderscoreEscapingWithSuffixes" |
URL
(string alias)
(Appears on:GlobalJiraConfig, GlobalRocketChatConfig, GlobalTelegramConfig, GlobalVictorOpsConfig, GlobalWeChatConfig, GlobalWebexConfig)
URL represents a valid URL
WebConfigFileFields
(Appears on:AlertmanagerWebSpec, PrometheusWebSpec, ThanosRulerWebSpec)
WebConfigFileFields defines the file content for –web.config.file flag.
| Field | Description |
|---|---|
tlsConfigWebTLSConfig |
Defines the TLS parameters for HTTPS. |
httpConfigWebHTTPConfig |
Defines HTTP parameters for web server. |
WebHTTPConfig
(Appears on:WebConfigFileFields)
WebHTTPConfig defines HTTP parameters for web server.
| Field | Description |
|---|---|
http2bool |
Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. |
headersWebHTTPHeaders |
List of headers that can be added to HTTP responses. |
WebHTTPHeaders
(Appears on:WebHTTPConfig)
WebHTTPHeaders defines the list of headers that can be added to HTTP responses.
| Field | Description |
|---|---|
contentSecurityPolicystring |
Set the Content-Security-Policy header to HTTP responses. Unset if blank. |
xFrameOptionsstring |
Set the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options |
xContentTypeOptionsstring |
Set the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options |
xXSSProtectionstring |
Set the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection |
strictTransportSecuritystring |
Set the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same domain and subdomains over HTTPS. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security |
WebTLSConfig
(Appears on:ClusterTLSConfig, WebConfigFileFields)
WebTLSConfig defines the TLS parameters for HTTPS.
| Field | Description |
|---|---|
certSecretOrConfigMap |
(Optional)
Secret or ConfigMap containing the TLS certificate for the web server. Either It is mutually exclusive with |
certFilestring |
(Optional)
Path to the TLS certificate file in the container for the web server. Either It is mutually exclusive with |
keySecretKubernetes core/v1.SecretKeySelector |
(Optional)
Secret containing the TLS private key for the web server. Either It is mutually exclusive with |
keyFilestring |
(Optional)
Path to the TLS private key file in the container for the web server. If defined, either It is mutually exclusive with |
client_caSecretOrConfigMap |
(Optional)
Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with |
clientCAFilestring |
(Optional)
Path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with |
clientAuthTypestring |
(Optional)
The server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType |
minVersionstring |
(Optional)
Minimum TLS version that is acceptable. |
maxVersionstring |
(Optional)
Maximum TLS version that is acceptable. |
cipherSuites[]string |
(Optional)
List of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants |
preferServerCipherSuitesbool |
(Optional)
Controls whether the server selects the client’s most preferred cipher suite, or the server’s most preferred cipher suite. If true then the server’s preference, as expressed in the order of elements in cipherSuites, is used. |
curvePreferences[]string |
(Optional)
Elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#CurveID |
WhenScaledRetentionType
(string alias)
(Appears on:ShardRetentionPolicy)
WorkloadBinding
(Appears on:ConfigResourceStatus)
WorkloadBinding is a link between a configuration resource and a workload resource.
| Field | Description |
|---|---|
groupstring |
The group of the referenced resource. |
resourcestring |
The type of resource being referenced (e.g. Prometheus or PrometheusAgent). |
namestring |
The name of the referenced object. |
namespacestring |
The namespace of the referenced object. |
conditions[]ConfigResourceCondition |
(Optional)
The current state of the configuration resource when bound to the referenced Prometheus object. |
monitoring.coreos.com/v1alpha1
Resource Types:AlertmanagerConfig
AlertmanagerConfig configures the Prometheus Alertmanager, specifying how alerts should be grouped, inhibited and notified to external systems.
| Field | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1alpha1
|
||||||||
kindstring |
AlertmanagerConfig |
||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||
specAlertmanagerConfigSpec |
|
PrometheusAgent
The PrometheusAgent custom resource definition (CRD) defines a desired Prometheus Agent setup to run in a Kubernetes cluster.
The CRD is very similar to the Prometheus CRD except for features which aren’t available in agent mode like rule evaluation, persistent storage and Thanos sidecar.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1alpha1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
PrometheusAgent |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
specPrometheusAgentSpec |
Specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
statusPrometheusStatus |
Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |
ScrapeConfig
ScrapeConfig defines a namespaced Prometheus scrape_config to be aggregated across multiple namespaces into the Prometheus configuration.
| Field | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1alpha1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
kindstring |
ScrapeConfig |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
specScrapeConfigSpec |
|
AlertmanagerConfigSpec
(Appears on:AlertmanagerConfig)
AlertmanagerConfigSpec is a specification of the desired behavior of the
Alertmanager configuration.
By default, the Alertmanager configuration only applies to alerts for which
the namespace label is equal to the namespace of the AlertmanagerConfig
resource (see the .spec.alertmanagerConfigMatcherStrategy field of the
Alertmanager CRD).
| Field | Description |
|---|---|
routeRoute |
(Optional)
The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route. |
receivers[]Receiver |
(Optional)
List of receivers. |
inhibitRules[]InhibitRule |
(Optional)
List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace. |
muteTimeIntervals[]MuteTimeInterval |
(Optional)
List of MuteTimeInterval specifying when the routes should be muted. |
AttachMetadata
(Appears on:KubernetesSDConfig)
| Field | Description |
|---|---|
nodebool |
(Optional)
Attaches node metadata to discovered targets.
When set to true, Prometheus must have the |
AuthenticationMethodType
(string alias)
(Appears on:AzureSDConfig)
| Value | Description |
|---|---|
"ManagedIdentity" |
|
"OAuth" |
|
"SDK" |
AzureSDConfig
(Appears on:ScrapeConfigSpec)
AzureSDConfig allow retrieving scrape targets from Azure VMs. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#azure_sd_config
| Field | Description |
|---|---|
environmentstring |
(Optional)
The Azure environment. |
authenticationMethodAuthenticationMethodType |
(Optional)
The authentication method, either
|
subscriptionIDstring |
The subscription ID. Always required. |
tenantIDstring |
(Optional)
Optional tenant ID. Only required with the OAuth authentication method. |
clientIDstring |
(Optional)
Optional client ID. Only required with the OAuth authentication method. |
clientSecretKubernetes core/v1.SecretKeySelector |
(Optional)
Optional client secret. Only required with the OAuth authentication method. |
resourceGroupstring |
(Optional)
Optional resource group name. Limits discovery to this resource group. Requires Prometheus v2.35.0 and above |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. |
portint32 |
(Optional)
The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to authenticate against the target HTTP endpoint.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
ConsulSDConfig
(Appears on:ScrapeConfigSpec)
ConsulSDConfig defines a Consul service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config
| Field | Description |
|---|---|
serverstring |
Consul server address. A valid string consisting of a hostname or IP followed by an optional port number. |
pathPrefixstring |
(Optional)
Prefix for URIs for when consul is behind an API gateway (reverse proxy). It requires Prometheus >= 2.45.0. |
tokenRefKubernetes core/v1.SecretKeySelector |
(Optional)
Consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent. |
datacenterstring |
(Optional)
Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter. |
namespacestring |
(Optional)
Namespaces are only supported in Consul Enterprise. It requires Prometheus >= 2.28.0. |
partitionstring |
(Optional)
Admin Partitions are only supported in Consul Enterprise. |
schemestring |
(Optional)
HTTP Scheme default “http” |
services[]string |
(Optional)
A list of services for which targets are retrieved. If omitted, all services are scraped. |
tags[]string |
(Optional)
An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list.
Starting with Consul 1.14, it is recommended to use |
tagSeparatorstring |
(Optional)
The string by which Consul tags are joined into the tag label. If unset, Prometheus uses its default value. |
nodeMetamap[string]string |
(Optional)
Node metadata key/value pairs to filter nodes for a given service.
Starting with Consul 1.14, it is recommended to use |
filterstring |
(Optional)
Filter expression used to filter the catalog results. See https://www.consul.io/api-docs/catalog#list-services It requires Prometheus >= 3.0.0. |
allowStalebool |
(Optional)
Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. If unset, Prometheus uses its default value. |
refreshIntervalDuration |
(Optional)
The time after which the provided names are refreshed. On large setup it might be a good idea to increase this value because the catalog will change all the time. If unset, Prometheus uses its default value. |
basicAuthBasicAuth |
(Optional)
Optional BasicAuth information to authenticate against the Consul Server.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Optional Authorization header configuration to authenticate against the Consul Server.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. If unset, Prometheus uses its default value. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. If unset, Prometheus uses its default value. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to connect to the Consul API. |
DNSRecordType
(string alias)
(Appears on:DNSSDConfig)
| Value | Description |
|---|---|
"A" |
|
"AAAA" |
|
"MX" |
|
"NS" |
|
"SRV" |
DNSSDConfig
(Appears on:ScrapeConfigSpec)
DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. The DNS servers to be contacted are read from /etc/resolv.conf. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config
| Field | Description |
|---|---|
names[]string |
A list of DNS domain names to be queried. |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the time after which the provided names are refreshed. If not set, Prometheus uses its default value. |
typeDNSRecordType |
(Optional)
The type of DNS query to perform. One of SRV, A, AAAA, MX or NS. If not set, Prometheus uses its default value. When set to NS, it requires Prometheus >= v2.49.0. When set to MX, it requires Prometheus >= v2.38.0 |
portint32 |
(Optional)
The port number used if the query type is not SRV Ignored for SRV records |
DayOfMonthRange
(Appears on:TimeInterval)
DayOfMonthRange is an inclusive range of days of the month beginning at 1
| Field | Description |
|---|---|
startint |
Start of the inclusive range |
endint |
End of the inclusive range |
DigitalOceanSDConfig
(Appears on:ScrapeConfigSpec)
DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean’s Droplets API. This service discovery uses the public IPv4 address by default, by that can be changed with relabeling See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#digitalocean_sd_config
| Field | Description |
|---|---|
authorizationSafeAuthorization |
(Optional)
Authorization header configuration to authenticate against the DigitalOcean API.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
portint32 |
(Optional)
The port to scrape metrics from. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the instance list. |
DiscordConfig
(Appears on:Receiver)
DiscordConfig configures notifications via Discord. See https://prometheus.io/docs/alerting/latest/configuration/#discord_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLKubernetes core/v1.SecretKeySelector |
The secret’s key that contains the Discord webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
titlestring |
(Optional)
The template of the message’s title. |
messagestring |
(Optional)
The template of the message’s body. |
contentstring |
(Optional)
The template of the content’s body. |
usernamestring |
(Optional)
The username of the message sender. |
avatarURLURL |
(Optional)
The avatar url of the message sender. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
DockerSDConfig
(Appears on:ScrapeConfigSpec)
Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. This SD discovers “containers” and will create a target for each network IP and port the container is configured to expose. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config
| Field | Description |
|---|---|
hoststring |
Address of the docker daemon |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
portint |
(Optional)
The port to scrape metrics from. |
hostNetworkingHoststring |
(Optional)
The host to use if the container is in host networking mode. |
matchFirstNetworkbool |
(Optional)
Configure whether to match the first network if the container has multiple networks defined. If unset, Prometheus uses true by default. It requires Prometheus >= v2.54.1. |
filtersFilters |
(Optional)
Optional filters to limit the discovery process to a subset of the available resources. |
refreshIntervalDuration |
(Optional)
Time after which the container is refreshed. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request. |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration to authenticate against the Docker API.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
DockerSwarmSDConfig
(Appears on:ScrapeConfigSpec)
DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config
| Field | Description |
|---|---|
hoststring |
Address of the Docker daemon |
rolestring |
Role of the targets to retrieve. Must be |
portint32 |
(Optional)
The port to scrape metrics from, when |
filtersFilters |
(Optional)
Optional filters to limit the discovery process to a subset of available resources. The available filters are listed in the upstream documentation: Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList |
refreshIntervalDuration |
(Optional)
The time after which the service discovery data is refreshed. |
basicAuthBasicAuth |
(Optional)
Optional HTTP basic authentication information. |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration to authenticate against the target HTTP endpoint. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use on every scrape request |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
EC2SDConfig
(Appears on:ScrapeConfigSpec)
EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config
The EC2 service discovery requires AWS API keys or role ARN for authentication. BasicAuth, Authorization and OAuth2 fields are not present on purpose.
| Field | Description |
|---|---|
regionstring |
(Optional)
The AWS region. |
accessKeyKubernetes core/v1.SecretKeySelector |
(Optional)
AccessKey is the AWS API key. |
secretKeyKubernetes core/v1.SecretKeySelector |
(Optional)
SecretKey is the AWS API secret. |
roleARNstring |
(Optional)
AWS Role ARN, an alternative to using AWS API keys. |
portint32 |
(Optional)
The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. |
filtersFilters |
(Optional)
Filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html It requires Prometheus >= v2.3.0 |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to connect to the AWS EC2 API. It requires Prometheus >= v2.41.0 |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.41.0 |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. It requires Prometheus >= v2.41.0 |
EmailConfig
(Appears on:Receiver)
EmailConfig configures notifications via Email.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
tostring |
(Optional)
The email address to send notifications to. |
fromstring |
(Optional)
The sender address. |
hellostring |
(Optional)
The hostname to identify to the SMTP server. |
smarthoststring |
(Optional)
The SMTP host and port through which emails are sent. E.g. example.com:25 |
authUsernamestring |
(Optional)
The username to use for authentication. |
authPasswordKubernetes core/v1.SecretKeySelector |
The secret’s key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
authSecretKubernetes core/v1.SecretKeySelector |
The secret’s key that contains the CRAM-MD5 secret. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
authIdentitystring |
(Optional)
The identity to use for authentication. |
headers[]KeyValue |
Further headers email header key/value pairs. Overrides any headers previously set by the notification implementation. |
htmlstring |
(Optional)
The HTML body of the email notification. |
textstring |
(Optional)
The text body of the email notification. |
requireTLSbool |
(Optional)
The SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration |
EurekaSDConfig
(Appears on:ScrapeConfigSpec)
Eureka SD configurations allow retrieving scrape targets using the Eureka REST API. Prometheus will periodically check the REST endpoint and create a target for every app instance. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config
| Field | Description |
|---|---|
serverstring |
The URL to connect to the Eureka server. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request. |
authorizationSafeAuthorization |
(Optional)
Authorization header to use on every scrape request. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the instance list. |
FileSDConfig
(Appears on:ScrapeConfigSpec)
FileSDConfig defines a Prometheus file service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config
| Field | Description |
|---|---|
files[]SDFile |
List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files. |
Filter
Filter name and value pairs to limit the discovery process to a subset of available resources.
| Field | Description |
|---|---|
namestring |
Name of the Filter. |
values[]string |
Value to filter on. |
Filters
([]github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1alpha1.Filter alias)
(Appears on:DockerSDConfig, DockerSwarmSDConfig, EC2SDConfig)
GCESDConfig
(Appears on:ScrapeConfigSpec)
GCESDConfig configures scrape targets from GCP GCE instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config
The GCE service discovery will load the Google Cloud credentials from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform
A pre-requisite for using GCESDConfig is that a Secret containing valid
Google Cloud credentials is mounted into the Prometheus or PrometheusAgent
pod via the .spec.secrets field and that the GOOGLE_APPLICATION_CREDENTIALS
environment variable is set to /etc/prometheus/secrets//.
| Field | Description |
|---|---|
projectstring |
The Google Cloud Project ID |
zonestring |
The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs. |
filterstring |
(Optional)
Filter can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list. |
portint32 |
(Optional)
The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. |
tagSeparatorstring |
(Optional)
The tag separator is used to separate the tags on concatenation |
HTTPConfig
(Appears on:DiscordConfig, MSTeamsConfig, MSTeamsV2Config, OpsGenieConfig, PagerDutyConfig, PushoverConfig, SNSConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebexConfig, WebhookConfig)
HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config
| Field | Description |
|---|---|
authorizationSafeAuthorization |
(Optional)
Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. |
basicAuthBasicAuth |
(Optional)
BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. |
oauth2OAuth2 |
(Optional)
OAuth2 client credentials used to fetch a token for the targets. |
bearerTokenSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration for the client. |
proxyURLstring |
(Optional)
Optional proxy URL. If defined, this field takes precedence over |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
FollowRedirects specifies whether the client should follow HTTP 3xx redirects. |
HTTPSDConfig
(Appears on:ScrapeConfigSpec)
HTTPSDConfig defines a prometheus HTTP service discovery configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config
| Field | Description |
|---|---|
urlstring |
URL from which the targets are fetched. |
refreshIntervalDuration |
(Optional)
RefreshInterval configures the refresh interval at which Prometheus will re-query the endpoint to update the target list. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to authenticate against the target HTTP endpoint.
More info: https://prometheus.io/docs/operating/configuration/#endpoints
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
HetznerSDConfig
(Appears on:ScrapeConfigSpec)
HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. This service discovery uses the public IPv4 address by default, but that can be changed with relabeling See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config
| Field | Description |
|---|---|
rolestring |
The Hetzner role of entities that should be discovered. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request, required when role is robot. Role hcloud does not support basic auth. |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration, required when role is hcloud. Role robot does not support bearer token authentication. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be used at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use on every scrape request. |
portint |
(Optional)
The port to scrape metrics from. |
refreshIntervalDuration |
(Optional)
The time after which the servers are refreshed. |
labelSelectorstring |
(Optional)
Label selector used to filter the servers when fetching them from the API. It requires Prometheus >= v3.5.0. |
InhibitRule
(Appears on:AlertmanagerConfigSpec)
InhibitRule defines an inhibition rule that allows to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule
| Field | Description |
|---|---|
targetMatch[]Matcher |
Matchers that have to be fulfilled in the alerts to be muted. The operator enforces that the alert matches the resource’s namespace. |
sourceMatch[]Matcher |
Matchers for which one or more alerts have to exist for the inhibition to take effect. The operator enforces that the alert matches the resource’s namespace. |
equal[]string |
Labels that must have an equal value in the source and target alert for the inhibition to take effect. |
IonosSDConfig
(Appears on:ScrapeConfigSpec)
IonosSDConfig configurations allow retrieving scrape targets from IONOS resources. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ionos_sd_config
| Field | Description |
|---|---|
datacenterIDstring |
The unique ID of the IONOS data center. |
portint32 |
(Optional)
Port to scrape the metrics from. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the list of resources. |
authorizationSafeAuthorization |
Authorization` header configuration, required when using IONOS. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use when connecting to the IONOS API. |
followRedirectsbool |
(Optional)
Configure whether the HTTP requests should follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Configure whether to enable HTTP2. |
oauth2OAuth2 |
(Optional)
Configure whether to enable OAuth2. |
K8SSelectorConfig
(Appears on:KubernetesSDConfig)
K8SSelectorConfig is Kubernetes Selector Config
| Field | Description |
|---|---|
roleKubernetesRole |
Role specifies the type of Kubernetes resource to limit the service discovery to. Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress. |
labelstring |
(Optional)
An optional label selector to limit the service discovery to resources with specific labels and label values.
e.g: |
fieldstring |
(Optional)
An optional field selector to limit the service discovery to resources which have fields with specific values.
e.g: |
KeyValue
(Appears on:EmailConfig, OpsGenieConfig, PagerDutyConfig, VictorOpsConfig)
KeyValue defines a (key, value) tuple.
| Field | Description |
|---|---|
keystring |
Key of the tuple. |
valuestring |
Value of the tuple. |
KubernetesRole
(string alias)
(Appears on:K8SSelectorConfig, KubernetesSDConfig)
| Value | Description |
|---|---|
"Endpoints" |
|
"EndpointSlice" |
|
"Ingress" |
|
"Node" |
|
"Pod" |
|
"Service" |
KubernetesSDConfig
(Appears on:ScrapeConfigSpec)
KubernetesSDConfig allows retrieving scrape targets from Kubernetes’ REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config
| Field | Description |
|---|---|
apiServerstring |
(Optional)
The API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. |
roleKubernetesRole |
Role of the Kubernetes entities that should be discovered.
Role |
namespacesNamespaceDiscovery |
(Optional)
Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces. |
attachMetadataAttachMetadata |
(Optional)
Optional metadata to attach to discovered targets.
It requires Prometheus >= v2.35.0 when using the |
selectors[]K8SSelectorConfig |
(Optional)
Selector to select objects. It requires Prometheus >= v2.17.0 |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request.
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Authorization header to use on every scrape request.
Cannot be set at the same time as |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to connect to the Kubernetes API. |
KumaSDConfig
(Appears on:ScrapeConfigSpec)
KumaSDConfig allow retrieving scrape targets from Kuma’s control plane. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config
| Field | Description |
|---|---|
serverstring |
Address of the Kuma Control Plane’s MADS xDS server. |
clientIDstring |
(Optional)
Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend. |
refreshIntervalDuration |
(Optional)
The time to wait between polling update requests. |
fetchTimeoutDuration |
(Optional)
The time after which the monitoring assignments are refreshed. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use on every scrape request |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request. |
authorizationSafeAuthorization |
(Optional)
Authorization header to use on every scrape request. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
LightSailSDConfig
(Appears on:ScrapeConfigSpec)
LightSailSDConfig configurations allow retrieving scrape targets from AWS Lightsail instances.
See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#lightsail_sd_config
TODO: Need to document that we will not be supporting the _file fields.
| Field | Description |
|---|---|
regionstring |
(Optional)
The AWS region. |
accessKeyKubernetes core/v1.SecretKeySelector |
(Optional)
AccessKey is the AWS API key. |
secretKeyKubernetes core/v1.SecretKeySelector |
(Optional)
SecretKey is the AWS API secret. |
roleARNstring |
(Optional)
AWS Role ARN, an alternative to using AWS API keys. |
endpointstring |
(Optional)
Custom endpoint to be used. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the list of instances. |
portint32 |
Port to scrape the metrics from. If using the public IP address, this must instead be specified in the relabeling rule. |
basicAuthBasicAuth |
(Optional)
Optional HTTP basic authentication information.
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Optional |
oauth2OAuth2 |
(Optional)
Optional OAuth2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to connect to the Puppet DB. |
followRedirectsbool |
(Optional)
Configure whether the HTTP requests should follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Configure whether to enable HTTP2. |
LinodeSDConfig
(Appears on:ScrapeConfigSpec)
LinodeSDConfig configurations allow retrieving scrape targets from Linode’s Linode APIv4. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#linode_sd_config
| Field | Description |
|---|---|
regionstring |
(Optional)
Optional region to filter on. |
portint32 |
(Optional)
Default port to scrape metrics from. |
tagSeparatorstring |
(Optional)
The string by which Linode Instance tags are joined into the tag label. |
refreshIntervalDuration |
(Optional)
Time after which the linode instances are refreshed. |
authorizationSafeAuthorization |
(Optional)
Authorization header configuration. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be used at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
MSTeamsConfig
(Appears on:Receiver)
MSTeamsConfig configures notifications via Microsoft Teams. It requires Alertmanager >= 0.26.0.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
webhookUrlKubernetes core/v1.SecretKeySelector |
MSTeams webhook URL. |
titlestring |
(Optional)
Message title template. |
summarystring |
(Optional)
Message summary template. It requires Alertmanager >= 0.27.0. |
textstring |
(Optional)
Message body template. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
MSTeamsV2Config
(Appears on:Receiver)
MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows See https://prometheus.io/docs/alerting/latest/configuration/#msteamsv2_config It requires Alertmanager >= 0.28.0.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
webhookURLKubernetes core/v1.SecretKeySelector |
(Optional)
MSTeams incoming webhook URL. |
titlestring |
(Optional)
Message title template. |
textstring |
(Optional)
Message body template. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
MatchType
(string alias)
(Appears on:Matcher)
MatchType is a comparison operator on a Matcher
| Value | Description |
|---|---|
"=" |
|
"!=" |
|
"!~" |
|
"=~" |
Matcher
(Appears on:InhibitRule, Route)
Matcher defines how to match on alert’s labels.
| Field | Description |
|---|---|
namestring |
Label to match. |
valuestring |
(Optional)
Label value to match. |
matchTypeMatchType |
(Optional)
Match operation available with AlertManager >= v0.22.0 and takes precedence over Regex (deprecated) if non-empty. |
regexbool |
(Optional)
Whether to match on equality (false) or regular-expression (true).
Deprecated: for AlertManager >= v0.22.0, |
Month
(string alias)
Month of the year
| Value | Description |
|---|---|
"april" |
|
"august" |
|
"december" |
|
"february" |
|
"january" |
|
"july" |
|
"june" |
|
"march" |
|
"may" |
|
"november" |
|
"october" |
|
"september" |
MonthRange
(string alias)
(Appears on:TimeInterval)
MonthRange is an inclusive range of months of the year beginning in January Months can be specified by name (e.g ‘January’) by numerical month (e.g ‘1’) or as an inclusive range (e.g ‘January:March’, ‘1:3’, ‘1:March’)
MuteTimeInterval
(Appears on:AlertmanagerConfigSpec)
MuteTimeInterval specifies the periods in time when notifications will be muted
| Field | Description |
|---|---|
namestring |
Name of the time interval |
timeIntervals[]TimeInterval |
TimeIntervals is a list of TimeInterval |
NamespaceDiscovery
(Appears on:KubernetesSDConfig)
NamespaceDiscovery is the configuration for discovering Kubernetes namespaces.
| Field | Description |
|---|---|
ownNamespacebool |
(Optional)
Includes the namespace in which the Prometheus pod runs to the list of watched namespaces. |
names[]string |
(Optional)
List of namespaces where to watch for resources.
If empty and |
NomadSDConfig
(Appears on:ScrapeConfigSpec)
NomadSDConfig configurations allow retrieving scrape targets from Nomad’s Service API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#nomad_sd_config
| Field | Description |
|---|---|
allowStalebool |
(Optional)
The information to access the Nomad API. It is to be defined as the Nomad documentation requires. |
namespacestring |
(Optional) |
refreshIntervalDuration |
(Optional) |
regionstring |
(Optional) |
serverstring |
|
tagSeparatorstring |
(Optional) |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request. |
authorizationSafeAuthorization |
(Optional)
Authorization header to use on every scrape request. |
oauth2OAuth2 |
(Optional)
Optional OAuth 2.0 configuration.
Cannot be set at the same time as |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
OVHCloudSDConfig
(Appears on:ScrapeConfigSpec)
OVHCloudSDConfig configurations allow retrieving scrape targets from OVHcloud’s dedicated servers and VPS using their API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ovhcloud_sd_config
| Field | Description |
|---|---|
applicationKeystring |
Access key to use. https://api.ovh.com. |
applicationSecretKubernetes core/v1.SecretKeySelector |
|
consumerKeyKubernetes core/v1.SecretKeySelector |
|
serviceOVHService |
Service of the targets to retrieve. Must be |
endpointstring |
(Optional)
Custom endpoint to be used. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the resources list. |
OVHService
(string alias)
(Appears on:OVHCloudSDConfig)
Service of the targets to retrieve. Must be VPS or DedicatedServer.
| Value | Description |
|---|---|
"DedicatedServer" |
|
"VPS" |
OpenStackRole
(string alias)
(Appears on:OpenStackSDConfig)
| Value | Description |
|---|---|
"Hypervisor" |
|
"Instance" |
|
"LoadBalancer" |
OpenStackSDConfig
(Appears on:ScrapeConfigSpec)
OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#openstack_sd_config
| Field | Description |
|---|---|
roleOpenStackRole |
The OpenStack role of entities that should be discovered. Note: The |
regionstring |
The OpenStack Region. |
identityEndpointstring |
(Optional)
IdentityEndpoint specifies the HTTP endpoint that is required to work with the Identity API of the appropriate version. |
usernamestring |
(Optional)
Username is required if using Identity V2 API. Consult with your provider’s control panel to discover your account’s username. In Identity V3, either userid or a combination of username and domainId or domainName are needed |
useridstring |
(Optional)
UserID |
passwordKubernetes core/v1.SecretKeySelector |
(Optional)
Password for the Identity V2 and V3 APIs. Consult with your provider’s control panel to discover your account’s preferred method of authentication. |
domainNamestring |
(Optional)
At most one of domainId and domainName must be provided if using username with Identity V3. Otherwise, either are optional. |
domainIDstring |
(Optional)
DomainID |
projectNamestring |
(Optional)
The ProjectId and ProjectName fields are optional for the Identity V2 API. Some providers allow you to specify a ProjectName instead of the ProjectId. Some require both. Your provider’s authentication policies will determine how these fields influence authentication. |
projectIDstring |
(Optional)
ProjectID |
applicationCredentialNamestring |
(Optional)
The ApplicationCredentialID or ApplicationCredentialName fields are required if using an application credential to authenticate. Some providers allow you to create an application credential to authenticate rather than a password. |
applicationCredentialIdstring |
(Optional)
ApplicationCredentialID |
applicationCredentialSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The applicationCredentialSecret field is required if using an application credential to authenticate. |
allTenantsbool |
(Optional)
Whether the service discovery should list all instances for all projects. It is only relevant for the ‘instance’ role and usually requires admin permissions. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the instance list. |
portint32 |
(Optional)
The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. |
availabilitystring |
(Optional)
Availability of the endpoint to connect to. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration applying to the target HTTP endpoint. |
OpsGenieConfig
(Appears on:Receiver)
OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiURLstring |
(Optional)
The URL to send OpsGenie API requests to. |
messagestring |
(Optional)
Alert text limited to 130 characters. |
descriptionstring |
(Optional)
Description of the incident. |
sourcestring |
(Optional)
Backlink to the sender of the notification. |
tagsstring |
(Optional)
Comma separated list of tags attached to the notifications. |
notestring |
(Optional)
Additional alert note. |
prioritystring |
(Optional)
Priority level of alert. Possible values are P1, P2, P3, P4, and P5. |
updateAlertsbool |
(Optional)
Whether to update message and description of the alert in OpsGenie if it already exists By default, the alert is never updated in OpsGenie, the new message only appears in activity log. |
details[]KeyValue |
(Optional)
A set of arbitrary key/value pairs that provide further detail about the incident. |
responders[]OpsGenieConfigResponder |
(Optional)
List of responders responsible for notifications. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
entitystring |
(Optional)
Optional field that can be used to specify which domain alert is related to. |
actionsstring |
(Optional)
Comma separated list of actions that will be available for the alert. |
OpsGenieConfigResponder
(Appears on:OpsGenieConfig)
OpsGenieConfigResponder defines a responder to an incident.
One of id, name or username has to be defined.
| Field | Description |
|---|---|
idstring |
(Optional)
ID of the responder. |
namestring |
(Optional)
Name of the responder. |
usernamestring |
(Optional)
Username of the responder. |
typestring |
Type of responder. |
PagerDutyConfig
(Appears on:Receiver)
PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
routingKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the PagerDuty integration key (when using
Events API v2). Either this field or |
serviceKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the PagerDuty service key (when using
integration type “Prometheus”). Either this field or |
urlstring |
(Optional)
The URL to send requests to. |
clientstring |
(Optional)
Client identification. |
clientURLstring |
(Optional)
Backlink to the sender of notification. |
descriptionstring |
(Optional)
Description of the incident. |
severitystring |
(Optional)
Severity of the incident. |
classstring |
(Optional)
The class/type of the event. |
groupstring |
(Optional)
A cluster or grouping of sources. |
componentstring |
(Optional)
The part or component of the affected system that is broken. |
details[]KeyValue |
(Optional)
Arbitrary key/value pairs that provide further detail about the incident. |
pagerDutyImageConfigs[]PagerDutyImageConfig |
(Optional)
A list of image details to attach that provide further detail about an incident. |
pagerDutyLinkConfigs[]PagerDutyLinkConfig |
(Optional)
A list of link details to attach that provide further detail about an incident. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
sourcestring |
(Optional)
Unique location of the affected system. |
PagerDutyImageConfig
(Appears on:PagerDutyConfig)
PagerDutyImageConfig attaches images to an incident
| Field | Description |
|---|---|
srcstring |
(Optional)
Src of the image being attached to the incident |
hrefstring |
(Optional)
Optional URL; makes the image a clickable link. |
altstring |
(Optional)
Alt is the optional alternative text for the image. |
PagerDutyLinkConfig
(Appears on:PagerDutyConfig)
PagerDutyLinkConfig attaches text links to an incident
| Field | Description |
|---|---|
hrefstring |
(Optional)
Href is the URL of the link to be attached |
altstring |
(Optional)
Text that describes the purpose of the link, and can be used as the link’s text. |
ParsedRange
ParsedRange is an integer representation of a range
| Field | Description |
|---|---|
startint |
Start is the beginning of the range |
endint |
End of the range |
PrometheusAgentMode
(string alias)
(Appears on:PrometheusAgentSpec)
| Value | Description |
|---|---|
"DaemonSet" |
Deploys PrometheusAgent as DaemonSet. |
"StatefulSet" |
Deploys PrometheusAgent as StatefulSet. |
PrometheusAgentSpec
(Appears on:PrometheusAgent)
PrometheusAgentSpec is a specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
| Field | Description |
|---|---|
modePrometheusAgentMode |
(Optional)
Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). (Alpha) Using this field requires the |
podMetadataEmbeddedObjectMetadata |
PodMetadata configures labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * “prometheus” label, set to the name of the Prometheus object. * “app.kubernetes.io/instance” label, set to the name of the Prometheus object. * “app.kubernetes.io/managed-by” label, set to “prometheus-operator”. * “app.kubernetes.io/name” label, set to “prometheus”. * “app.kubernetes.io/version” label, set to the Prometheus version. * “operator.prometheus.io/name” label, set to the name of the Prometheus object. * “operator.prometheus.io/shard” label, set to the shard number of the Prometheus object. * “kubectl.kubernetes.io/default-container” annotation, set to “prometheus”. |
serviceMonitorSelectorKubernetes meta/v1.LabelSelector |
ServiceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
serviceMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
podMonitorSelectorKubernetes meta/v1.LabelSelector |
PodMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
podMonitorNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. |
probeSelectorKubernetes meta/v1.LabelSelector |
Probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If |
probeNamespaceSelectorKubernetes meta/v1.LabelSelector |
Namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. |
scrapeConfigSelectorKubernetes meta/v1.LabelSelector |
(Optional)
ScrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
scrapeConfigNamespaceSelectorKubernetes meta/v1.LabelSelector |
(Optional)
Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
versionstring |
Version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of Prometheus available at the time when the version of the operator was released. |
pausedbool |
When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. |
imagestring |
(Optional)
Container image name for Prometheus. If specified, it takes precedence
over the Specifying If neither |
imagePullPolicyKubernetes core/v1.PullPolicy |
Image pull policy for the ‘prometheus’, ‘init-config-reloader’ and ‘config-reloader’ containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
imagePullSecrets[]Kubernetes core/v1.LocalObjectReference |
An optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod |
replicasint32 |
(Optional)
Number of replicas of each shard to deploy for a Prometheus deployment.
Default: 1 |
shardsint32 |
Number of shards to distribute the scraped targets onto.
When not defined, the operator assumes only one shard. Note that scaling down shards will not reshard data onto the remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use either * Thanos sidecar + querier for query federation and Thanos Ruler for rules. * Remote-write to send metrics to a central location. By default, the sharding of targets is performed on:
* The Users can define their own sharding implementation by setting the
You can also disable sharding on a specific target by setting the
|
replicaExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the replica name.
The external label will not be added when the field is set to the
empty string ( Default: “prometheus_replica” |
prometheusExternalLabelNamestring |
(Optional)
Name of Prometheus external label used to denote the Prometheus instance
name. The external label will not be added when the field is set to
the empty string ( Default: “prometheus” |
logLevelstring |
Log level for Prometheus and the config-reloader sidecar. |
logFormatstring |
Log format for Log level for Prometheus and the config-reloader sidecar. |
scrapeIntervalDuration |
Interval between consecutive scrapes. Default: “30s” |
scrapeTimeoutDuration |
Number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
scrapeProtocols[]ScrapeProtocol |
(Optional)
The protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0.
|
externalLabelsmap[string]string |
The labels to add to any time series or alerts when communicating with
external systems (federation, remote storage, Alertmanager).
Labels defined by |
enableRemoteWriteReceiverbool |
Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver It requires Prometheus >= v2.33.0. |
enableOTLPReceiverbool |
(Optional)
Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if It requires Prometheus >= v2.47.0. |
remoteWriteReceiverMessageVersions[]RemoteWriteMessageVersion |
(Optional)
List of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. |
enableFeatures[]EnableFeature |
(Optional)
Enable access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ |
externalUrlstring |
The external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). |
routePrefixstring |
The route prefix Prometheus registers HTTP handlers for. This is useful when using |
storageStorageSpec |
Storage defines the storage used by Prometheus. |
volumes[]Kubernetes core/v1.Volume |
Volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. |
volumeMounts[]Kubernetes core/v1.VolumeMount |
VolumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the ‘prometheus’ container, that are generated as a result of StorageSpec objects. |
persistentVolumeClaimRetentionPolicyKubernetes apps/v1.StatefulSetPersistentVolumeClaimRetentionPolicy |
(Optional)
The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. |
webPrometheusWebSpec |
Defines the configuration of the Prometheus web server. |
resourcesKubernetes core/v1.ResourceRequirements |
Defines the resources requests and limits of the ‘prometheus’ container. |
nodeSelectormap[string]string |
Defines on which Nodes the Pods are scheduled. |
serviceAccountNamestring |
ServiceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. |
automountServiceAccountTokenbool |
(Optional)
AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. If the field isn’t set, the operator mounts the service account token by default. Warning: be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. It is possible to use strategic merge patch to project the service account token into the ‘prometheus’ container. |
secrets[]string |
Secrets is a list of Secrets in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each Secret is added to the StatefulSet definition as a volume named |
configMaps[]string |
ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus
object, which shall be mounted into the Prometheus Pods.
Each ConfigMap is added to the StatefulSet definition as a volume named |
affinityKubernetes core/v1.Affinity |
(Optional)
Defines the Pods’ affinity scheduling rules if specified. |
tolerations[]Kubernetes core/v1.Toleration |
(Optional)
Defines the Pods’ tolerations if specified. |
topologySpreadConstraints[]TopologySpreadConstraint |
(Optional)
Defines the pod’s topology spread constraints if specified. |
remoteWrite[]RemoteWriteSpec |
(Optional)
Defines the list of remote write configurations. |
otlpOTLPConfig |
(Optional)
Settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. |
securityContextKubernetes core/v1.PodSecurityContext |
(Optional)
SecurityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. |
dnsPolicyDNSPolicy |
(Optional)
Defines the DNS policy for the pods. |
dnsConfigPodDNSConfig |
(Optional)
Defines the DNS configuration for the pods. |
listenLocalbool |
When true, the Prometheus server listens on the loopback address instead of the Pod IP’s address. |
enableServiceLinksbool |
(Optional)
Indicates whether information about services should be injected into pod’s environment variables |
containers[]Kubernetes core/v1.Container |
(Optional)
Containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge patch. The names of containers managed by the operator are:
* Overriding containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
initContainers[]Kubernetes core/v1.Container |
(Optional)
InitContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init containers if they share the same name and modifications are done via a strategic merge patch. The names of init container name managed by the operator are:
* Overriding init containers is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. |
additionalScrapeConfigsKubernetes core/v1.SecretKeySelector |
(Optional)
AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. |
apiserverConfigAPIServerConfig |
(Optional)
APIServerConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod’s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. |
priorityClassNamestring |
Priority class assigned to the Pods. |
portNamestring |
Port name used for the pods and governing service. Default: “web” |
arbitraryFSAccessThroughSMsArbitraryFSAccessThroughSMsConfig |
When true, ServiceMonitor, PodMonitor and Probe object are forbidden to
reference arbitrary files on the file system of the ‘prometheus’
container.
When a ServiceMonitor’s endpoint specifies a |
overrideHonorLabelsbool |
When true, Prometheus resolves label conflicts by renaming the labels in the scraped data
to “exported_” for all targets created from ServiceMonitor, PodMonitor and
ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
In practice, |
overrideHonorTimestampsbool |
When true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. |
ignoreNamespaceSelectorsbool |
When true, |
enforcedNamespaceLabelstring |
When not empty, a label will be added to:
The label will not added for objects referenced in The label’s name is this field’s value.
The label’s value is the namespace of the |
enforcedSampleLimituint64 |
(Optional)
When defined, enforcedSampleLimit specifies a global limit on the number
of scraped samples that will be accepted. This overrides any
It is meant to be used by admins to keep the overall number of samples/series under a desired limit. When both |
enforcedTargetLimituint64 |
(Optional)
When defined, enforcedTargetLimit specifies a global limit on the number
of scraped targets. The value overrides any It is meant to be used by admins to to keep the overall number of targets under a desired limit. When both |
enforcedLabelLimituint64 |
(Optional)
When defined, enforcedLabelLimit specifies a global limit on the number
of labels per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelNameLengthLimituint64 |
(Optional)
When defined, enforcedLabelNameLengthLimit specifies a global limit on the length
of labels name per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedLabelValueLengthLimituint64 |
(Optional)
When not null, enforcedLabelValueLengthLimit defines a global limit on the length
of labels value per sample. The value overrides any It requires Prometheus >= v2.27.0. When both |
enforcedKeepDroppedTargetsuint64 |
(Optional)
When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets
dropped by relabeling that will be kept in memory. The value overrides
any It requires Prometheus >= v2.47.0. When both |
enforcedBodySizeLimitByteSize |
When defined, enforcedBodySizeLimit specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. It requires Prometheus >= v2.28.0. When both |
nameValidationSchemeNameValidationSchemeOptions |
(Optional)
Specifies the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. |
nameEscapingSchemeNameEscapingSchemeOptions |
(Optional)
Specifies the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. It requires Prometheus >= v3.4.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v3.5.0. |
minReadySecondsuint32 |
(Optional)
Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. |
hostAliases[]HostAlias |
(Optional)
Optional list of hosts and IPs that will be injected into the Pod’s hosts file if specified. |
additionalArgs[]Argument |
(Optional)
AdditionalArgs allows setting additional arguments for the ‘prometheus’ container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Prometheus container which may cause issues if they are invalid or not supported by the given Prometheus version. In case of an argument conflict (e.g. an argument which is already set by the operator itself) or when providing an invalid argument, the reconciliation will fail and an error will be logged. |
walCompressionbool |
(Optional)
Configures compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. |
excludedFromEnforcement[]ObjectReference |
(Optional)
List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if |
hostNetworkbool |
Use the host’s network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). When hostNetwork is enabled, this will set the DNS policy to
|
podTargetLabels[]string |
(Optional)
PodTargetLabels are appended to the |
tracingConfigPrometheusTracingConfig |
(Optional)
TracingConfig configures tracing in Prometheus. This is an experimental feature, it may change in any upcoming release in a breaking way. |
bodySizeLimitByteSize |
(Optional)
BodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedBodySizeLimit. |
sampleLimituint64 |
(Optional)
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit. |
targetLimituint64 |
(Optional)
TargetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedTargetLimit. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelLimit. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelNameLengthLimit. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelValueLengthLimit. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. Note that the global limit only applies to scrape objects that don’t specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedKeepDroppedTargets. |
reloadStrategyReloadStrategyType |
(Optional)
Defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. |
maximumStartupDurationSecondsint32 |
(Optional)
Defines the maximum time that the |
scrapeClasses[]ScrapeClass |
List of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an experimental feature, it may change in any upcoming release in a breaking way. |
serviceDiscoveryRoleServiceDiscoveryRole |
(Optional)
Defines the service discovery role used to discover targets from
If set, the value should be either “Endpoints” or “EndpointSlice”. If unset, the operator assumes the “Endpoints” role. |
tsdbTSDBSpec |
(Optional)
Defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. |
scrapeFailureLogFilestring |
(Optional)
File to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. ‘file.log’, The Prometheus Pods
will mount the file into an emptyDir volume at |
serviceNamestring |
(Optional)
The name of the service name used by the underlying StatefulSet(s) as the governing service.
If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels.
If empty, the operator will create and manage a headless service named |
runtimeRuntimeConfig |
(Optional)
RuntimeConfig configures the values for the Prometheus process behavior |
terminationGracePeriodSecondsint64 |
(Optional)
Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. Defaults to 600 seconds. |
PuppetDBSDConfig
(Appears on:ScrapeConfigSpec)
PuppetDBSDConfig configurations allow retrieving scrape targets from PuppetDB resources. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#puppetdb_sd_config
| Field | Description |
|---|---|
urlstring |
The URL of the PuppetDB root query endpoint. |
querystring |
Puppet Query Language (PQL) query. Only resources are supported. https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html |
includeParametersbool |
(Optional)
Whether to include the parameters as meta labels. Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure that you don’t have secrets exposed as parameters if you enable this. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the list of resources. |
portint32 |
Port to scrape the metrics from. |
basicAuthBasicAuth |
(Optional)
Optional HTTP basic authentication information.
Cannot be set at the same time as |
authorizationSafeAuthorization |
(Optional)
Optional |
oauth2OAuth2 |
(Optional)
Optional OAuth2.0 configuration.
Cannot be set at the same time as |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to connect to the Puppet DB. |
followRedirectsbool |
(Optional)
Configure whether the HTTP requests should follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Configure whether to enable HTTP2. |
PushoverConfig
(Appears on:Receiver)
PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
userKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the recipient user’s user key.
The secret needs to be in the same namespace as the AlertmanagerConfig
object and accessible by the Prometheus Operator.
Either |
userKeyFilestring |
(Optional)
The user key file that contains the recipient user’s user key.
Either |
tokenKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the registered application’s API token, see https://pushover.net/apps.
The secret needs to be in the same namespace as the AlertmanagerConfig
object and accessible by the Prometheus Operator.
Either |
tokenFilestring |
(Optional)
The token file that contains the registered application’s API token, see https://pushover.net/apps.
Either |
titlestring |
(Optional)
Notification title. |
messagestring |
(Optional)
Notification message. |
urlstring |
(Optional)
A supplementary URL shown alongside the message. |
urlTitlestring |
(Optional)
A title for supplementary URL, otherwise just the URL is shown |
ttlDuration |
(Optional)
The time to live definition for the alert notification |
devicestring |
(Optional)
The name of a device to send the notification to |
soundstring |
(Optional)
The name of one of the sounds supported by device clients to override the user’s default sound choice |
prioritystring |
(Optional)
Priority, see https://pushover.net/api#priority |
retrystring |
(Optional)
How often the Pushover servers will send the same notification to the user. Must be at least 30 seconds. |
expirestring |
(Optional)
How long your notification will continue to be retried for, unless the user acknowledges the notification. |
htmlbool |
(Optional)
Whether notification message is HTML or plain text. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
Receiver
(Appears on:AlertmanagerConfigSpec)
Receiver defines one or more notification integrations.
| Field | Description |
|---|---|
namestring |
Name of the receiver. Must be unique across all items from the list. |
opsgenieConfigs[]OpsGenieConfig |
List of OpsGenie configurations. |
pagerdutyConfigs[]PagerDutyConfig |
List of PagerDuty configurations. |
discordConfigs[]DiscordConfig |
(Optional)
List of Discord configurations. |
slackConfigs[]SlackConfig |
List of Slack configurations. |
webhookConfigs[]WebhookConfig |
List of webhook configurations. |
wechatConfigs[]WeChatConfig |
List of WeChat configurations. |
emailConfigs[]EmailConfig |
List of Email configurations. |
victoropsConfigs[]VictorOpsConfig |
List of VictorOps configurations. |
pushoverConfigs[]PushoverConfig |
List of Pushover configurations. |
snsConfigs[]SNSConfig |
List of SNS configurations |
telegramConfigs[]TelegramConfig |
List of Telegram configurations. |
webexConfigs[]WebexConfig |
List of Webex configurations. |
msteamsConfigs[]MSTeamsConfig |
List of MSTeams configurations. It requires Alertmanager >= 0.26.0. |
msteamsv2Configs[]MSTeamsV2Config |
List of MSTeamsV2 configurations. It requires Alertmanager >= 0.28.0. |
Route
(Appears on:AlertmanagerConfigSpec)
Route defines a node in the routing tree.
| Field | Description |
|---|---|
receiverstring |
(Optional)
Name of the receiver for this route. If not empty, it should be listed in
the |
groupBy[]string |
(Optional)
List of labels to group by. Labels must not be repeated (unique list). Special label “…” (aggregate by all possible labels), if provided, must be the only element in the list. |
groupWaitstring |
(Optional)
How long to wait before sending the initial notification.
Must match the regular expression |
groupIntervalstring |
(Optional)
How long to wait before sending an updated notification.
Must match the regular expression |
repeatIntervalstring |
(Optional)
How long to wait before repeating the last notification.
Must match the regular expression |
matchers[]Matcher |
(Optional)
List of matchers that the alert’s labels should match. For the first
level route, the operator removes any existing equality and regexp
matcher on the |
continuebool |
(Optional)
Boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator. |
routes[]k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON |
Child routes. |
muteTimeIntervals[]string |
(Optional)
Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn’t support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can’t validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, |
activeTimeIntervals[]string |
(Optional)
ActiveTimeIntervals is a list of MuteTimeInterval names when this route should be active. |
SDFile
(string alias)
(Appears on:FileSDConfig)
SDFile represents a file used for service discovery
SNSConfig
(Appears on:Receiver)
SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLstring |
(Optional)
The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used. |
sigv4Sigv4 |
(Optional)
Configures AWS’s Signature Verification 4 signing process to sign requests. |
topicARNstring |
(Optional)
SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don’t specify this value, you must specify a value for the PhoneNumber or TargetARN. |
subjectstring |
(Optional)
Subject line when the message is delivered to email endpoints. |
phoneNumberstring |
(Optional)
Phone number if message is delivered via SMS in E.164 format. If you don’t specify this value, you must specify a value for the TopicARN or TargetARN. |
targetARNstring |
(Optional)
The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don’t specify this value, you must specify a value for the topic_arn or PhoneNumber. |
messagestring |
(Optional)
The message content of the SNS notification. |
attributesmap[string]string |
(Optional)
SNS message attributes. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
ScalewayRole
(string alias)
(Appears on:ScalewaySDConfig)
Role of the targets to retrieve. Must be Instance or Baremetal.
| Value | Description |
|---|---|
"Baremetal" |
|
"Instance" |
ScalewaySDConfig
(Appears on:ScrapeConfigSpec)
ScalewaySDConfig configurations allow retrieving scrape targets from Scaleway instances and baremetal services.
See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config
TODO: Need to document that we will not be supporting the _file fields.
| Field | Description |
|---|---|
accessKeystring |
Access key to use. https://console.scaleway.com/project/credentials |
secretKeyKubernetes core/v1.SecretKeySelector |
Secret key to use when listing targets. |
projectIDstring |
Project ID of the targets. |
roleScalewayRole |
Service of the targets to retrieve. Must be |
portint32 |
(Optional)
The port to scrape metrics from. |
apiURLstring |
(Optional)
API URL to use when doing the server listing requests. |
zonestring |
(Optional)
Zone is the availability zone of your targets (e.g. fr-par-1). |
nameFilterstring |
(Optional)
NameFilter specify a name filter (works as a LIKE) to apply on the server listing request. |
tagsFilter[]string |
(Optional)
TagsFilter specify a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request. |
refreshIntervalDuration |
(Optional)
Refresh interval to re-read the list of instances. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
Configure whether HTTP requests follow HTTP 3xx redirects. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use on every scrape request |
ScrapeConfigSpec
(Appears on:ScrapeConfig)
ScrapeConfigSpec is a specification of the desired configuration for a scrape configuration.
| Field | Description |
|---|---|
jobNamestring |
(Optional)
The value of the The |
staticConfigs[]StaticConfig |
(Optional)
StaticConfigs defines a list of static targets with a common label set. |
fileSDConfigs[]FileSDConfig |
(Optional)
FileSDConfigs defines a list of file service discovery configurations. |
httpSDConfigs[]HTTPSDConfig |
(Optional)
HTTPSDConfigs defines a list of HTTP service discovery configurations. |
kubernetesSDConfigs[]KubernetesSDConfig |
(Optional)
KubernetesSDConfigs defines a list of Kubernetes service discovery configurations. |
consulSDConfigs[]ConsulSDConfig |
(Optional)
ConsulSDConfigs defines a list of Consul service discovery configurations. |
dnsSDConfigs[]DNSSDConfig |
(Optional)
DNSSDConfigs defines a list of DNS service discovery configurations. |
ec2SDConfigs[]EC2SDConfig |
(Optional)
EC2SDConfigs defines a list of EC2 service discovery configurations. |
azureSDConfigs[]AzureSDConfig |
(Optional)
AzureSDConfigs defines a list of Azure service discovery configurations. |
gceSDConfigs[]GCESDConfig |
(Optional)
GCESDConfigs defines a list of GCE service discovery configurations. |
openstackSDConfigs[]OpenStackSDConfig |
(Optional)
OpenStackSDConfigs defines a list of OpenStack service discovery configurations. |
digitalOceanSDConfigs[]DigitalOceanSDConfig |
(Optional)
DigitalOceanSDConfigs defines a list of DigitalOcean service discovery configurations. |
kumaSDConfigs[]KumaSDConfig |
(Optional)
KumaSDConfigs defines a list of Kuma service discovery configurations. |
eurekaSDConfigs[]EurekaSDConfig |
(Optional)
EurekaSDConfigs defines a list of Eureka service discovery configurations. |
dockerSDConfigs[]DockerSDConfig |
(Optional)
DockerSDConfigs defines a list of Docker service discovery configurations. |
linodeSDConfigs[]LinodeSDConfig |
(Optional)
LinodeSDConfigs defines a list of Linode service discovery configurations. |
hetznerSDConfigs[]HetznerSDConfig |
(Optional)
HetznerSDConfigs defines a list of Hetzner service discovery configurations. |
nomadSDConfigs[]NomadSDConfig |
(Optional)
NomadSDConfigs defines a list of Nomad service discovery configurations. |
dockerSwarmSDConfigs[]DockerSwarmSDConfig |
(Optional)
DockerswarmSDConfigs defines a list of Dockerswarm service discovery configurations. |
puppetDBSDConfigs[]PuppetDBSDConfig |
(Optional)
PuppetDBSDConfigs defines a list of PuppetDB service discovery configurations. |
lightSailSDConfigs[]LightSailSDConfig |
(Optional)
LightsailSDConfigs defines a list of Lightsail service discovery configurations. |
ovhcloudSDConfigs[]OVHCloudSDConfig |
(Optional)
OVHCloudSDConfigs defines a list of OVHcloud service discovery configurations. |
scalewaySDConfigs[]ScalewaySDConfig |
(Optional)
ScalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations. |
ionosSDConfigs[]IonosSDConfig |
(Optional)
IonosSDConfigs defines a list of IONOS service discovery configurations. |
relabelings[]RelabelConfig |
(Optional)
RelabelConfigs defines how to rewrite the target’s labels before scraping.
Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
The original scrape job’s name is available via the |
metricsPathstring |
(Optional)
MetricsPath HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics). |
scrapeIntervalDuration |
(Optional)
ScrapeInterval is the interval between consecutive scrapes. |
scrapeTimeoutDuration |
(Optional)
ScrapeTimeout is the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. |
scrapeProtocols[]ScrapeProtocol |
(Optional)
The protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. |
fallbackScrapeProtocolScrapeProtocol |
(Optional)
The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. |
honorTimestampsbool |
(Optional)
HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. |
trackTimestampsStalenessbool |
(Optional)
TrackTimestampsStaleness whether Prometheus tracks staleness of
the metrics that have an explicit timestamp present in scraped data.
Has no effect if |
honorLabelsbool |
(Optional)
HonorLabels chooses the metric’s labels on collisions with target labels. |
paramsmap[string][]string |
(Optional)
Optional HTTP URL parameters |
schemestring |
(Optional)
Configures the protocol scheme used for requests. If empty, Prometheus uses HTTP by default. |
enableCompressionbool |
(Optional)
When false, Prometheus will request uncompressed response from the scraped target. It requires Prometheus >= v2.49.0. If unset, Prometheus uses true by default. |
enableHTTP2bool |
(Optional)
Whether to enable HTTP2. |
basicAuthBasicAuth |
(Optional)
BasicAuth information to use on every scrape request. |
authorizationSafeAuthorization |
(Optional)
Authorization header to use on every scrape request. |
oauth2OAuth2 |
(Optional)
OAuth2 configuration to use on every scrape request. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration to use on every scrape request |
sampleLimituint64 |
(Optional)
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. |
targetLimituint64 |
(Optional)
TargetLimit defines a limit on the number of scraped targets that will be accepted. |
labelLimituint64 |
(Optional)
Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
labelNameLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
labelValueLengthLimituint64 |
(Optional)
Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. |
scrapeClassicHistogramsbool |
(Optional)
Whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. |
nativeHistogramBucketLimituint64 |
(Optional)
If there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. |
nativeHistogramMinBucketFactork8s.io/apimachinery/pkg/api/resource.Quantity |
(Optional)
If the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. |
convertClassicHistogramsToNHCBbool |
(Optional)
Whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. |
keepDroppedTargetsuint64 |
(Optional)
Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. |
metricRelabelings[]RelabelConfig |
(Optional)
MetricRelabelConfigs to apply to samples before ingestion. |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
nameValidationSchemeNameValidationSchemeOptions |
(Optional)
Specifies the validation scheme for metric and label names. It requires Prometheus >= v3.0.0. |
nameEscapingSchemeNameEscapingSchemeOptions |
(Optional)
Metric name escaping mode to request through content negotiation. It requires Prometheus >= v3.4.0. |
scrapeClassstring |
(Optional)
The scrape class to apply. |
SlackAction
(Appears on:SlackConfig)
SlackAction configures a single Slack action that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields and https://api.slack.com/docs/message-buttons for more information.
| Field | Description |
|---|---|
typestring |
|
textstring |
|
urlstring |
(Optional) |
stylestring |
(Optional) |
namestring |
(Optional) |
valuestring |
(Optional) |
confirmSlackConfirmationField |
(Optional) |
SlackConfig
(Appears on:Receiver)
SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
channelstring |
(Optional)
The channel or user to send notifications to. |
usernamestring |
(Optional) |
colorstring |
(Optional) |
titlestring |
(Optional) |
titleLinkstring |
(Optional) |
pretextstring |
(Optional) |
textstring |
(Optional) |
fields[]SlackField |
(Optional)
A list of Slack fields that are sent with each notification. |
shortFieldsbool |
(Optional) |
footerstring |
(Optional) |
fallbackstring |
(Optional) |
callbackIdstring |
(Optional) |
iconEmojistring |
(Optional) |
iconURLstring |
(Optional) |
imageURLstring |
(Optional) |
thumbURLstring |
(Optional) |
linkNamesbool |
(Optional) |
mrkdwnIn[]string |
(Optional) |
actions[]SlackAction |
(Optional)
A list of Slack actions that are sent with each notification. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
SlackConfirmationField
(Appears on:SlackAction)
SlackConfirmationField protect users from destructive actions or particularly distinguished decisions by asking them to confirm their button click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields for more information.
| Field | Description |
|---|---|
textstring |
|
titlestring |
(Optional) |
okTextstring |
(Optional) |
dismissTextstring |
(Optional) |
SlackField
(Appears on:SlackConfig)
SlackField configures a single Slack field that is sent with each notification. Each field must contain a title, value, and optionally, a boolean value to indicate if the field is short enough to be displayed next to other fields designated as short. See https://api.slack.com/docs/message-attachments#fields for more information.
| Field | Description |
|---|---|
titlestring |
|
valuestring |
|
shortbool |
(Optional) |
StaticConfig
(Appears on:ScrapeConfigSpec)
StaticConfig defines a Prometheus static configuration. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config
| Field | Description |
|---|---|
targets[]Target |
List of targets for this static configuration. |
labelsmap[string]string |
(Optional)
Labels assigned to all metrics scraped from the targets. |
Target
(string alias)
(Appears on:StaticConfig)
Target represents a target for Prometheus to scrape kubebuilder:validation:MinLength:=1
TelegramConfig
(Appears on:Receiver)
TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
apiURLstring |
(Optional)
The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used. |
botTokenKubernetes core/v1.SecretKeySelector |
(Optional)
Telegram bot token. It is mutually exclusive with Either |
botTokenFilestring |
(Optional)
File to read the Telegram bot token from. It is mutually exclusive with It requires Alertmanager >= v0.26.0. |
chatIDint64 |
The Telegram chat ID. |
messageThreadIDint64 |
(Optional)
The Telegram Group Topic ID. It requires Alertmanager >= 0.26.0. |
messagestring |
(Optional)
Message template |
disableNotificationsbool |
(Optional)
Disable telegram notifications |
parseModestring |
(Optional)
Parse mode for telegram message |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
Time
(string alias)
(Appears on:TimeRange)
Time defines a time in 24hr format
TimeInterval
(Appears on:MuteTimeInterval)
TimeInterval describes intervals of time
| Field | Description |
|---|---|
times[]TimeRange |
(Optional)
Times is a list of TimeRange |
weekdays[]WeekdayRange |
(Optional)
Weekdays is a list of WeekdayRange |
daysOfMonth[]DayOfMonthRange |
(Optional)
DaysOfMonth is a list of DayOfMonthRange |
months[]MonthRange |
(Optional)
Months is a list of MonthRange |
years[]YearRange |
(Optional)
Years is a list of YearRange |
TimeRange
(Appears on:TimeInterval)
TimeRange defines a start and end time in 24hr format
| Field | Description |
|---|---|
startTimeTime |
StartTime is the start time in 24hr format. |
endTimeTime |
EndTime is the end time in 24hr format. |
URL
(string alias)
(Appears on:DiscordConfig, WebexConfig)
URL represents a valid URL
VictorOpsConfig
(Appears on:Receiver)
VictorOpsConfig configures notifications via VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiKeyKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiUrlstring |
(Optional)
The VictorOps API URL. |
routingKeystring |
(Optional)
A key used to map the alert to a team. |
messageTypestring |
(Optional)
Describes the behavior of the alert (CRITICAL, WARNING, INFO). |
entityDisplayNamestring |
(Optional)
Contains summary of the alerted problem. |
stateMessagestring |
(Optional)
Contains long explanation of the alerted problem. |
monitoringToolstring |
(Optional)
The monitoring tool the state message is from. |
customFields[]KeyValue |
(Optional)
Additional custom fields for notification. |
httpConfigHTTPConfig |
(Optional)
The HTTP client’s configuration. |
WeChatConfig
(Appears on:Receiver)
WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiURLstring |
(Optional)
The WeChat API URL. |
corpIDstring |
(Optional)
The corp id for authentication. |
agentIDstring |
(Optional) |
toUserstring |
(Optional) |
toPartystring |
(Optional) |
toTagstring |
(Optional) |
messagestring |
API request data as defined by the WeChat API. |
messageTypestring |
(Optional) |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
WebexConfig
(Appears on:Receiver)
WebexConfig configures notification via Cisco Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
apiURLURL |
(Optional)
The Webex Teams API URL i.e. https://webexapis.com/v1/messages Provide if different from the default API URL. |
httpConfigHTTPConfig |
(Optional)
The HTTP client’s configuration.
You must supply the bot token via the |
messagestring |
(Optional)
Message template |
roomIDstring |
ID of the Webex Teams room where to send the messages. |
WebhookConfig
(Appears on:Receiver)
WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
urlstring |
(Optional)
The URL to send HTTP POST requests to. |
urlSecretKubernetes core/v1.SecretKeySelector |
(Optional)
The secret’s key that contains the webhook URL to send HTTP requests to.
|
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
maxAlertsint32 |
(Optional)
Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. |
timeoutDuration |
(Optional)
The maximum time to wait for a webhook request to complete, before failing the request and allowing it to be retried. It requires Alertmanager >= v0.28.0. |
Weekday
(string alias)
Weekday is day of the week
| Value | Description |
|---|---|
"friday" |
|
"monday" |
|
"saturday" |
|
"sunday" |
|
"thursday" |
|
"tuesday" |
|
"wednesday" |
WeekdayRange
(string alias)
(Appears on:TimeInterval)
WeekdayRange is an inclusive range of days of the week beginning on Sunday Days can be specified by name (e.g ‘Sunday’) or as an inclusive range (e.g ‘Monday:Friday’)
YearRange
(string alias)
(Appears on:TimeInterval)
YearRange is an inclusive range of years
monitoring.coreos.com/v1beta1
Resource Types:AlertmanagerConfig
The AlertmanagerConfig custom resource definition (CRD) defines how Alertmanager objects process Prometheus alerts. It allows to specify alert grouping and routing, notification receivers and inhibition rules.
Alertmanager objects select AlertmanagerConfig objects using label and namespace selectors.
| Field | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|
apiVersionstring |
monitoring.coreos.com/v1beta1
|
||||||||
kindstring |
AlertmanagerConfig |
||||||||
metadataKubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||
specAlertmanagerConfigSpec |
|
AlertmanagerConfigSpec
(Appears on:AlertmanagerConfig)
AlertmanagerConfigSpec is a specification of the desired behavior of the Alertmanager configuration.
By definition, the Alertmanager configuration only applies to alerts for which
the namespace label is equal to the namespace of the AlertmanagerConfig resource.
| Field | Description |
|---|---|
routeRoute |
(Optional)
The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route. |
receivers[]Receiver |
(Optional)
List of receivers. |
inhibitRules[]InhibitRule |
(Optional)
List of inhibition rules. The rules will only apply to alerts matching the resource’s namespace. |
timeIntervals[]TimeInterval |
(Optional)
List of TimeInterval specifying when the routes should be muted or active. |
DayOfMonthRange
(Appears on:TimePeriod)
DayOfMonthRange is an inclusive range of days of the month beginning at 1
| Field | Description |
|---|---|
startint |
Start of the inclusive range |
endint |
End of the inclusive range |
DiscordConfig
(Appears on:Receiver)
DiscordConfig configures notifications via Discord. See https://prometheus.io/docs/alerting/latest/configuration/#discord_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLKubernetes core/v1.SecretKeySelector |
The secret’s key that contains the Discord webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
titlestring |
(Optional)
The template of the message’s title. |
messagestring |
(Optional)
The template of the message’s body. |
contentstring |
(Optional)
The template of the content’s body. |
usernamestring |
(Optional)
The username of the message sender. |
avatarURLURL |
(Optional)
The avatar url of the message sender. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
EmailConfig
(Appears on:Receiver)
EmailConfig configures notifications via Email.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
tostring |
(Optional)
The email address to send notifications to. |
fromstring |
(Optional)
The sender address. |
hellostring |
(Optional)
The hostname to identify to the SMTP server. |
smarthoststring |
(Optional)
The SMTP host and port through which emails are sent. E.g. example.com:25 |
authUsernamestring |
(Optional)
The username to use for authentication. |
authPasswordSecretKeySelector |
The secret’s key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
authSecretSecretKeySelector |
The secret’s key that contains the CRAM-MD5 secret. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
authIdentitystring |
(Optional)
The identity to use for authentication. |
headers[]KeyValue |
Further headers email header key/value pairs. Overrides any headers previously set by the notification implementation. |
htmlstring |
(Optional)
The HTML body of the email notification. |
textstring |
(Optional)
The text body of the email notification. |
requireTLSbool |
(Optional)
The SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration |
HTTPConfig
(Appears on:DiscordConfig, MSTeamsConfig, MSTeamsV2Config, OpsGenieConfig, PagerDutyConfig, PushoverConfig, SNSConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebexConfig, WebhookConfig)
HTTPConfig defines a client HTTP configuration. See https://prometheus.io/docs/alerting/latest/configuration/#http_config
| Field | Description |
|---|---|
authorizationSafeAuthorization |
(Optional)
Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. |
basicAuthBasicAuth |
(Optional)
BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. |
oauth2OAuth2 |
(Optional)
OAuth2 client credentials used to fetch a token for the targets. |
bearerTokenSecretSecretKeySelector |
(Optional)
The secret’s key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
tlsConfigSafeTLSConfig |
(Optional)
TLS configuration for the client. |
proxyURLstring |
(Optional)
Optional proxy URL. If defined, this field takes precedence over |
proxyUrlstring |
(Optional)
|
noProxystring |
(Optional)
It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyFromEnvironmentbool |
(Optional)
Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
proxyConnectHeadermap[string][]Kubernetes core/v1.SecretKeySelector |
(Optional)
ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. |
followRedirectsbool |
(Optional)
FollowRedirects specifies whether the client should follow HTTP 3xx redirects. |
InhibitRule
(Appears on:AlertmanagerConfigSpec)
InhibitRule defines an inhibition rule that allows to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule
| Field | Description |
|---|---|
targetMatch[]Matcher |
Matchers that have to be fulfilled in the alerts to be muted. The operator enforces that the alert matches the resource’s namespace. |
sourceMatch[]Matcher |
Matchers for which one or more alerts have to exist for the inhibition to take effect. The operator enforces that the alert matches the resource’s namespace. |
equal[]string |
Labels that must have an equal value in the source and target alert for the inhibition to take effect. |
KeyValue
(Appears on:EmailConfig, OpsGenieConfig, PagerDutyConfig, VictorOpsConfig)
KeyValue defines a (key, value) tuple.
| Field | Description |
|---|---|
keystring |
Key of the tuple. |
valuestring |
Value of the tuple. |
MSTeamsConfig
(Appears on:Receiver)
MSTeamsConfig configures notifications via Microsoft Teams. It requires Alertmanager >= 0.26.0.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
webhookUrlKubernetes core/v1.SecretKeySelector |
MSTeams webhook URL. |
titlestring |
(Optional)
Message title template. |
summarystring |
(Optional)
Message summary template. It requires Alertmanager >= 0.27.0. |
textstring |
(Optional)
Message body template. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
MSTeamsV2Config
(Appears on:Receiver)
MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows See https://prometheus.io/docs/alerting/latest/configuration/#msteamsv2_config It requires Alertmanager >= 0.28.0.
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
webhookURLKubernetes core/v1.SecretKeySelector |
(Optional)
MSTeams incoming webhook URL. |
titlestring |
(Optional)
Message title template. |
textstring |
(Optional)
Message body template. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
MatchType
(string alias)
(Appears on:Matcher)
MatchType is a comparison operator on a Matcher
| Value | Description |
|---|---|
"=" |
|
"!=" |
|
"!~" |
|
"=~" |
Matcher
(Appears on:InhibitRule, Route)
Matcher defines how to match on alert’s labels.
| Field | Description |
|---|---|
namestring |
Label to match. |
valuestring |
(Optional)
Label value to match. |
matchTypeMatchType |
Match operator, one of |
Month
(string alias)
Month of the year
| Value | Description |
|---|---|
"april" |
|
"august" |
|
"december" |
|
"february" |
|
"january" |
|
"july" |
|
"june" |
|
"march" |
|
"may" |
|
"november" |
|
"october" |
|
"september" |
MonthRange
(string alias)
(Appears on:TimePeriod)
MonthRange is an inclusive range of months of the year beginning in January Months can be specified by name (e.g ‘January’) by numerical month (e.g ‘1’) or as an inclusive range (e.g ‘January:March’, ‘1:3’, ‘1:March’)
OpsGenieConfig
(Appears on:Receiver)
OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiKeySecretKeySelector |
(Optional)
The secret’s key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiURLstring |
(Optional)
The URL to send OpsGenie API requests to. |
messagestring |
(Optional)
Alert text limited to 130 characters. |
descriptionstring |
(Optional)
Description of the incident. |
sourcestring |
(Optional)
Backlink to the sender of the notification. |
tagsstring |
(Optional)
Comma separated list of tags attached to the notifications. |
notestring |
(Optional)
Additional alert note. |
prioritystring |
(Optional)
Priority level of alert. Possible values are P1, P2, P3, P4, and P5. |
details[]KeyValue |
(Optional)
A set of arbitrary key/value pairs that provide further detail about the incident. |
responders[]OpsGenieConfigResponder |
(Optional)
List of responders responsible for notifications. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
entitystring |
(Optional)
Optional field that can be used to specify which domain alert is related to. |
actionsstring |
(Optional)
Comma separated list of actions that will be available for the alert. |
OpsGenieConfigResponder
(Appears on:OpsGenieConfig)
OpsGenieConfigResponder defines a responder to an incident.
One of id, name or username has to be defined.
| Field | Description |
|---|---|
idstring |
(Optional)
ID of the responder. |
namestring |
(Optional)
Name of the responder. |
usernamestring |
(Optional)
Username of the responder. |
typestring |
Type of responder. |
PagerDutyConfig
(Appears on:Receiver)
PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
routingKeySecretKeySelector |
(Optional)
The secret’s key that contains the PagerDuty integration key (when using
Events API v2). Either this field or |
serviceKeySecretKeySelector |
(Optional)
The secret’s key that contains the PagerDuty service key (when using
integration type “Prometheus”). Either this field or |
urlstring |
(Optional)
The URL to send requests to. |
clientstring |
(Optional)
Client identification. |
clientURLstring |
(Optional)
Backlink to the sender of notification. |
descriptionstring |
(Optional)
Description of the incident. |
severitystring |
(Optional)
Severity of the incident. |
classstring |
(Optional)
The class/type of the event. |
groupstring |
(Optional)
A cluster or grouping of sources. |
componentstring |
(Optional)
The part or component of the affected system that is broken. |
details[]KeyValue |
(Optional)
Arbitrary key/value pairs that provide further detail about the incident. |
pagerDutyImageConfigs[]PagerDutyImageConfig |
(Optional)
A list of image details to attach that provide further detail about an incident. |
pagerDutyLinkConfigs[]PagerDutyLinkConfig |
(Optional)
A list of link details to attach that provide further detail about an incident. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
sourcestring |
(Optional)
Unique location of the affected system. |
PagerDutyImageConfig
(Appears on:PagerDutyConfig)
PagerDutyImageConfig attaches images to an incident
| Field | Description |
|---|---|
srcstring |
(Optional)
Src of the image being attached to the incident |
hrefstring |
(Optional)
Optional URL; makes the image a clickable link. |
altstring |
(Optional)
Alt is the optional alternative text for the image. |
PagerDutyLinkConfig
(Appears on:PagerDutyConfig)
PagerDutyLinkConfig attaches text links to an incident
| Field | Description |
|---|---|
hrefstring |
(Optional)
Href is the URL of the link to be attached |
altstring |
(Optional)
Text that describes the purpose of the link, and can be used as the link’s text. |
ParsedRange
ParsedRange is an integer representation of a range
| Field | Description |
|---|---|
startint |
Start is the beginning of the range |
endint |
End of the range |
PushoverConfig
(Appears on:Receiver)
PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
userKeySecretKeySelector |
(Optional)
The secret’s key that contains the recipient user’s user key.
The secret needs to be in the same namespace as the AlertmanagerConfig
object and accessible by the Prometheus Operator.
Either |
userKeyFilestring |
(Optional)
The user key file that contains the recipient user’s user key.
Either |
tokenSecretKeySelector |
(Optional)
The secret’s key that contains the registered application’s API token, see https://pushover.net/apps.
The secret needs to be in the same namespace as the AlertmanagerConfig
object and accessible by the Prometheus Operator.
Either |
tokenFilestring |
(Optional)
The token file that contains the registered application’s API token, see https://pushover.net/apps.
Either |
titlestring |
(Optional)
Notification title. |
messagestring |
(Optional)
Notification message. |
urlstring |
(Optional)
A supplementary URL shown alongside the message. |
urlTitlestring |
(Optional)
A title for supplementary URL, otherwise just the URL is shown |
ttlDuration |
(Optional)
The time to live definition for the alert notification |
devicestring |
(Optional)
The name of a device to send the notification to |
soundstring |
(Optional)
The name of one of the sounds supported by device clients to override the user’s default sound choice |
prioritystring |
(Optional)
Priority, see https://pushover.net/api#priority |
retrystring |
(Optional)
How often the Pushover servers will send the same notification to the user. Must be at least 30 seconds. |
expirestring |
(Optional)
How long your notification will continue to be retried for, unless the user acknowledges the notification. |
htmlbool |
(Optional)
Whether notification message is HTML or plain text. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
Receiver
(Appears on:AlertmanagerConfigSpec)
Receiver defines one or more notification integrations.
| Field | Description |
|---|---|
namestring |
Name of the receiver. Must be unique across all items from the list. |
opsgenieConfigs[]OpsGenieConfig |
List of OpsGenie configurations. |
pagerdutyConfigs[]PagerDutyConfig |
List of PagerDuty configurations. |
discordConfigs[]DiscordConfig |
List of Slack configurations. |
slackConfigs[]SlackConfig |
List of Slack configurations. |
webhookConfigs[]WebhookConfig |
List of webhook configurations. |
wechatConfigs[]WeChatConfig |
List of WeChat configurations. |
emailConfigs[]EmailConfig |
List of Email configurations. |
victoropsConfigs[]VictorOpsConfig |
List of VictorOps configurations. |
pushoverConfigs[]PushoverConfig |
List of Pushover configurations. |
snsConfigs[]SNSConfig |
List of SNS configurations |
telegramConfigs[]TelegramConfig |
List of Telegram configurations. |
webexConfigs[]WebexConfig |
List of Webex configurations. |
msteamsConfigs[]MSTeamsConfig |
List of MSTeams configurations. It requires Alertmanager >= 0.26.0. |
msteamsv2Configs[]MSTeamsV2Config |
List of MSTeamsV2 configurations. It requires Alertmanager >= 0.28.0. |
Route
(Appears on:AlertmanagerConfigSpec)
Route defines a node in the routing tree.
| Field | Description |
|---|---|
receiverstring |
(Optional)
Name of the receiver for this route. If not empty, it should be listed in
the |
groupBy[]string |
(Optional)
List of labels to group by. Labels must not be repeated (unique list). Special label “…” (aggregate by all possible labels), if provided, must be the only element in the list. |
groupWaitstring |
(Optional)
How long to wait before sending the initial notification.
Must match the regular expression |
groupIntervalstring |
(Optional)
How long to wait before sending an updated notification.
Must match the regular expression |
repeatIntervalstring |
(Optional)
How long to wait before repeating the last notification.
Must match the regular expression |
matchers[]Matcher |
(Optional)
List of matchers that the alert’s labels should match. For the first
level route, the operator removes any existing equality and regexp
matcher on the |
continuebool |
(Optional)
Boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator. |
routes[]k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON |
Child routes. |
muteTimeIntervals[]string |
(Optional)
Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn’t support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can’t validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of TimeInterval names that will mute this route when matched. |
activeTimeIntervals[]string |
(Optional)
ActiveTimeIntervals is a list of TimeInterval names when this route should be active. |
SNSConfig
(Appears on:Receiver)
SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLstring |
(Optional)
The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used. |
sigv4Sigv4 |
(Optional)
Configures AWS’s Signature Verification 4 signing process to sign requests. |
topicARNstring |
(Optional)
SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don’t specify this value, you must specify a value for the PhoneNumber or TargetARN. |
subjectstring |
(Optional)
Subject line when the message is delivered to email endpoints. |
phoneNumberstring |
(Optional)
Phone number if message is delivered via SMS in E.164 format. If you don’t specify this value, you must specify a value for the TopicARN or TargetARN. |
targetARNstring |
(Optional)
The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don’t specify this value, you must specify a value for the topic_arn or PhoneNumber. |
messagestring |
(Optional)
The message content of the SNS notification. |
attributesmap[string]string |
(Optional)
SNS message attributes. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
SecretKeySelector
(Appears on:EmailConfig, HTTPConfig, OpsGenieConfig, PagerDutyConfig, PushoverConfig, SlackConfig, TelegramConfig, VictorOpsConfig, WeChatConfig, WebhookConfig)
SecretKeySelector selects a key of a Secret.
| Field | Description |
|---|---|
namestring |
The name of the secret in the object’s namespace to select from. |
keystring |
The key of the secret to select from. Must be a valid secret key. |
SlackAction
(Appears on:SlackConfig)
SlackAction configures a single Slack action that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields and https://api.slack.com/docs/message-buttons for more information.
| Field | Description |
|---|---|
typestring |
|
textstring |
|
urlstring |
(Optional) |
stylestring |
(Optional) |
namestring |
(Optional) |
valuestring |
(Optional) |
confirmSlackConfirmationField |
(Optional) |
SlackConfig
(Appears on:Receiver)
SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiURLSecretKeySelector |
(Optional)
The secret’s key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
channelstring |
(Optional)
The channel or user to send notifications to. |
usernamestring |
(Optional) |
colorstring |
(Optional) |
titlestring |
(Optional) |
titleLinkstring |
(Optional) |
pretextstring |
(Optional) |
textstring |
(Optional) |
fields[]SlackField |
(Optional)
A list of Slack fields that are sent with each notification. |
shortFieldsbool |
(Optional) |
footerstring |
(Optional) |
fallbackstring |
(Optional) |
callbackIdstring |
(Optional) |
iconEmojistring |
(Optional) |
iconURLstring |
(Optional) |
imageURLstring |
(Optional) |
thumbURLstring |
(Optional) |
linkNamesbool |
(Optional) |
mrkdwnIn[]string |
(Optional) |
actions[]SlackAction |
(Optional)
A list of Slack actions that are sent with each notification. |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
SlackConfirmationField
(Appears on:SlackAction)
SlackConfirmationField protect users from destructive actions or particularly distinguished decisions by asking them to confirm their button click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields for more information.
| Field | Description |
|---|---|
textstring |
|
titlestring |
(Optional) |
okTextstring |
(Optional) |
dismissTextstring |
(Optional) |
SlackField
(Appears on:SlackConfig)
SlackField configures a single Slack field that is sent with each notification. Each field must contain a title, value, and optionally, a boolean value to indicate if the field is short enough to be displayed next to other fields designated as short. See https://api.slack.com/docs/message-attachments#fields for more information.
| Field | Description |
|---|---|
titlestring |
|
valuestring |
|
shortbool |
(Optional) |
TelegramConfig
(Appears on:Receiver)
TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
apiURLstring |
(Optional)
The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used. |
botTokenSecretKeySelector |
(Optional)
Telegram bot token. It is mutually exclusive with Either |
botTokenFilestring |
(Optional)
File to read the Telegram bot token from. It is mutually exclusive with It requires Alertmanager >= v0.26.0. |
chatIDint64 |
The Telegram chat ID. |
messageThreadIDint64 |
(Optional)
The Telegram Group Topic ID. It requires Alertmanager >= 0.26.0. |
messagestring |
(Optional)
Message template |
disableNotificationsbool |
(Optional)
Disable telegram notifications |
parseModestring |
(Optional)
Parse mode for telegram message |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
Time
(string alias)
(Appears on:TimeRange)
Time defines a time in 24hr format
TimeInterval
(Appears on:AlertmanagerConfigSpec)
TimeInterval specifies the periods in time when notifications will be muted or active.
| Field | Description |
|---|---|
namestring |
Name of the time interval. |
timeIntervals[]TimePeriod |
TimeIntervals is a list of TimePeriod. |
TimePeriod
(Appears on:TimeInterval)
TimePeriod describes periods of time.
| Field | Description |
|---|---|
times[]TimeRange |
(Optional)
Times is a list of TimeRange |
weekdays[]WeekdayRange |
(Optional)
Weekdays is a list of WeekdayRange |
daysOfMonth[]DayOfMonthRange |
(Optional)
DaysOfMonth is a list of DayOfMonthRange |
months[]MonthRange |
(Optional)
Months is a list of MonthRange |
years[]YearRange |
(Optional)
Years is a list of YearRange |
TimeRange
(Appears on:TimePeriod)
TimeRange defines a start and end time in 24hr format
| Field | Description |
|---|---|
startTimeTime |
StartTime is the start time in 24hr format. |
endTimeTime |
EndTime is the end time in 24hr format. |
URL
(string alias)
(Appears on:DiscordConfig, WebexConfig)
URL represents a valid URL
VictorOpsConfig
(Appears on:Receiver)
VictorOpsConfig configures notifications via VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiKeySecretKeySelector |
(Optional)
The secret’s key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiUrlstring |
(Optional)
The VictorOps API URL. |
routingKeystring |
(Optional)
A key used to map the alert to a team. |
messageTypestring |
(Optional)
Describes the behavior of the alert (CRITICAL, WARNING, INFO). |
entityDisplayNamestring |
(Optional)
Contains summary of the alerted problem. |
stateMessagestring |
(Optional)
Contains long explanation of the alerted problem. |
monitoringToolstring |
(Optional)
The monitoring tool the state message is from. |
customFields[]KeyValue |
(Optional)
Additional custom fields for notification. |
httpConfigHTTPConfig |
(Optional)
The HTTP client’s configuration. |
WeChatConfig
(Appears on:Receiver)
WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
apiSecretSecretKeySelector |
(Optional)
The secret’s key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. |
apiURLstring |
(Optional)
The WeChat API URL. |
corpIDstring |
(Optional)
The corp id for authentication. |
agentIDstring |
(Optional) |
toUserstring |
(Optional) |
toPartystring |
(Optional) |
toTagstring |
(Optional) |
messagestring |
API request data as defined by the WeChat API. |
messageTypestring |
(Optional) |
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
WebexConfig
(Appears on:Receiver)
WebexConfig configures notification via Cisco Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether to notify about resolved alerts. |
apiURLURL |
(Optional)
The Webex Teams API URL i.e. https://webexapis.com/v1/messages |
httpConfigHTTPConfig |
The HTTP client’s configuration.
You must use this configuration to supply the bot token as part of the HTTP |
messagestring |
(Optional)
Message template |
roomIDstring |
ID of the Webex Teams room where to send the messages. |
WebhookConfig
(Appears on:Receiver)
WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config
| Field | Description |
|---|---|
sendResolvedbool |
(Optional)
Whether or not to notify about resolved alerts. |
urlstring |
(Optional)
The URL to send HTTP POST requests to. |
urlSecretSecretKeySelector |
(Optional)
The secret’s key that contains the webhook URL to send HTTP requests to.
|
httpConfigHTTPConfig |
(Optional)
HTTP client configuration. |
maxAlertsint32 |
(Optional)
Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. |
timeoutDuration |
(Optional)
The maximum time to wait for a webhook request to complete, before failing the request and allowing it to be retried. It requires Alertmanager >= v0.28.0. |
Weekday
(string alias)
Weekday is day of the week
| Value | Description |
|---|---|
"friday" |
|
"monday" |
|
"saturday" |
|
"sunday" |
|
"thursday" |
|
"tuesday" |
|
"wednesday" |
WeekdayRange
(string alias)
(Appears on:TimePeriod)
WeekdayRange is an inclusive range of days of the week beginning on Sunday Days can be specified by name (e.g ‘Sunday’) or as an inclusive range (e.g ‘Monday:Friday’)
YearRange
(string alias)
(Appears on:TimePeriod)
YearRange is an inclusive range of years