additionalAlertManagerConfigs
|
object
|
AdditionalAlertManagerConfigs specifies a key of a Secret containing
additional prometheus Alertmanager configurations. The Alertmanager
configurations are appended to the configuration generated by the
prometheus Operator. They must be formatted according to the official
prometheus documentation:
https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config
The user is responsible for making sure that the configurations are valid
Note that using this feature may expose the possibility to break
upgrades of prometheus. It is advised to review prometheus release notes
to ensure that no incompatible AlertManager configs are going to break
prometheus after the upgrade. |
additionalAlertRelabelConfigs
|
object
|
AdditionalAlertRelabelConfigs specifies a key of a Secret containing
additional prometheus alert relabel configurations. The alert relabel
configurations are appended to the configuration generated by the
prometheus Operator. They must be formatted according to the official
prometheus documentation:
https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs
The user is responsible for making sure that the configurations are valid
Note that using this feature may expose the possibility to break
upgrades of prometheus. It is advised to review prometheus release notes
to ensure that no incompatible alert relabel configs are going to break
prometheus after the upgrade. |
additionalArgs
|
array
|
AdditionalArgs allows setting additional arguments for the 'prometheus' container.
It is intended for e.g. activating hidden flags which are not supported by
the dedicated configuration options yet. The arguments are passed as-is to the
prometheus container which may cause issues if they are invalid or not supported
by the given prometheus version.
In case of an argument conflict (e.g. an argument which is already set by the
operator itself) or when providing an invalid argument, the reconciliation will
fail and an error will be logged. |
additionalArgs[]
|
object
|
Argument as part of the AdditionalArgs list. |
additionalScrapeConfigs
|
object
|
AdditionalScrapeConfigs allows specifying a key of a Secret containing
additional prometheus scrape configurations. Scrape configurations
specified are appended to the configurations generated by the prometheus
Operator. Job configurations specified must have the form as specified
in the official prometheus documentation:
https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config.
As scrape configs are appended, the user is responsible to make sure it
is valid. Note that using this feature may expose the possibility to
break upgrades of prometheus. It is advised to review prometheus release
notes to ensure that no incompatible scrape configs are going to break
prometheus after the upgrade. |
affinity
|
object
|
Defines the Pods' affinity scheduling rules if specified. |
alerting
|
object
|
Defines the settings related to Alertmanager. |
allowOverlappingBlocks
|
boolean
|
AllowOverlappingBlocks enables vertical compaction and vertical query
merge in prometheus.
Deprecated: this flag has no effect for prometheus >= 2.39.0 where overlapping blocks are enabled by default. |
apiserverConfig
|
object
|
APIServerConfig allows specifying a host and auth methods to access the
Kuberntees API server.
If null, prometheus is assumed to run inside of the cluster: it will
discover the API servers automatically and use the Pod’s CA certificate
and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. |
arbitraryFSAccessThroughSMs
|
object
|
When true, ServiceMonitor, PodMonitor and Probe object are forbidden to
reference arbitrary files on the file system of the 'prometheus'
container.
When a ServiceMonitor’s endpoint specifies a bearerTokenFile value
(e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), a
malicious target can get access to the prometheus service account’s
token in the prometheus' scrape request. Setting
spec.arbitraryFSAccessThroughSM to 'true' would prevent the attack.
Users should instead provide the credentials using the
spec.bearerTokenSecret field. |
automountServiceAccountToken
|
boolean
|
AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod.
If the field isn’t set, the operator mounts the service account token by default.
Warning: be aware that by default, prometheus requires the service account token for Kubernetes service discovery.
It is possible to use strategic merge patch to project the service account token into the 'prometheus' container. |
baseImage
|
string
|
Deprecated: use 'spec.image' instead. |
bodySizeLimit
|
string
|
BodySizeLimit defines per-scrape on response body size.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedBodySizeLimit. |
configMaps
|
array (string)
|
ConfigMaps is a list of ConfigMaps in the same namespace as the prometheus
object, which shall be mounted into the prometheus Pods.
Each ConfigMap is added to the StatefulSet definition as a volume named configmap-<configmap-name> .
The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name> in the 'prometheus' container. |
containers
|
array
|
Containers allows injecting additional containers or modifying operator
generated containers. This can be used to allow adding an authentication
proxy to the Pods or to change the behavior of an operator generated
container. Containers described here modify an operator generated
container if they share the same name and modifications are done via a
strategic merge patch.
The names of containers managed by the operator are:
* prometheus
* config-reloader
* thanos-sidecar
Overriding containers is entirely outside the scope of what the
maintainers will support and by doing so, you accept that this behaviour
may break at any time without notice. |
containers[]
|
object
|
A single application container that you want to run within a pod. |
disableCompaction
|
boolean
|
When true, the prometheus compaction is disabled. |
dnsConfig
|
object
|
Defines the DNS configuration for the pods. |
dnsPolicy
|
string
|
Defines the DNS policy for the pods. |
enableAdminAPI
|
boolean
|
Enables access to the prometheus web admin API.
WARNING: Enabling the admin APIs enables mutating endpoints, to delete data,
shutdown prometheus, and more. Enabling this should be done with care and the
user is advised to add additional authentication authorization via a proxy to
ensure only clients authorized to perform these actions can do so.
For more information:
https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis |
enableFeatures
|
array (string)
|
Enable access to prometheus feature flags. By default, no features are enabled.
Enabling features which are disabled by default is entirely outside the
scope of what the maintainers will support and by doing so, you accept
that this behaviour may break at any time without notice.
For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ |
enableRemoteWriteReceiver
|
boolean
|
Enable prometheus to be used as a receiver for the prometheus remote
write protocol.
WARNING: This is not considered an efficient way of ingesting samples.
Use it with caution for specific low-volume use cases.
It is not suitable for replacing the ingestion via scraping and turning
prometheus into a push-based metrics collection system.
For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver
It requires prometheus >= v2.33.0. |
enforcedBodySizeLimit
|
string
|
When defined, enforcedBodySizeLimit specifies a global limit on the size
of uncompressed response body that will be accepted by prometheus.
Targets responding with a body larger than this many bytes will cause
the scrape to fail.
It requires prometheus >= v2.28.0.
When both enforcedBodySizeLimit and bodySizeLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined bodySizeLimit value will inherit the global bodySizeLimit value (prometheus >= 2.45.0) or the enforcedBodySizeLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedBodySizeLimit is greater than the bodySizeLimit , the bodySizeLimit will be set to enforcedBodySizeLimit .
* Scrape objects with a bodySizeLimit value less than or equal to enforcedBodySizeLimit keep their specific value.
* Scrape objects with a bodySizeLimit value greater than enforcedBodySizeLimit are set to enforcedBodySizeLimit. |
enforcedKeepDroppedTargets
|
integer
|
When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets
dropped by relabeling that will be kept in memory. The value overrides
any spec.keepDroppedTargets set by
ServiceMonitor, PodMonitor, Probe objects unless spec.keepDroppedTargets is
greater than zero and less than spec.enforcedKeepDroppedTargets .
It requires prometheus >= v2.47.0.
When both enforcedKeepDroppedTargets and keepDroppedTargets are defined and greater than zero, the following rules apply:
* Scrape objects without a defined keepDroppedTargets value will inherit the global keepDroppedTargets value (prometheus >= 2.45.0) or the enforcedKeepDroppedTargets value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedKeepDroppedTargets is greater than the keepDroppedTargets , the keepDroppedTargets will be set to enforcedKeepDroppedTargets .
* Scrape objects with a keepDroppedTargets value less than or equal to enforcedKeepDroppedTargets keep their specific value.
* Scrape objects with a keepDroppedTargets value greater than enforcedKeepDroppedTargets are set to enforcedKeepDroppedTargets. |
enforcedLabelLimit
|
integer
|
When defined, enforcedLabelLimit specifies a global limit on the number
of labels per sample. The value overrides any spec.labelLimit set by
ServiceMonitor, PodMonitor, Probe objects unless spec.labelLimit is
greater than zero and less than spec.enforcedLabelLimit .
It requires prometheus >= v2.27.0.
When both enforcedLabelLimit and labelLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined labelLimit value will inherit the global labelLimit value (prometheus >= 2.45.0) or the enforcedLabelLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedLabelLimit is greater than the labelLimit , the labelLimit will be set to enforcedLabelLimit .
* Scrape objects with a labelLimit value less than or equal to enforcedLabelLimit keep their specific value.
* Scrape objects with a labelLimit value greater than enforcedLabelLimit are set to enforcedLabelLimit. |
enforcedLabelNameLengthLimit
|
integer
|
When defined, enforcedLabelNameLengthLimit specifies a global limit on the length
of labels name per sample. The value overrides any spec.labelNameLengthLimit set by
ServiceMonitor, PodMonitor, Probe objects unless spec.labelNameLengthLimit is
greater than zero and less than spec.enforcedLabelNameLengthLimit .
It requires prometheus >= v2.27.0.
When both enforcedLabelNameLengthLimit and labelNameLengthLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined labelNameLengthLimit value will inherit the global labelNameLengthLimit value (prometheus >= 2.45.0) or the enforcedLabelNameLengthLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedLabelNameLengthLimit is greater than the labelNameLengthLimit , the labelNameLengthLimit will be set to enforcedLabelNameLengthLimit .
* Scrape objects with a labelNameLengthLimit value less than or equal to enforcedLabelNameLengthLimit keep their specific value.
* Scrape objects with a labelNameLengthLimit value greater than enforcedLabelNameLengthLimit are set to enforcedLabelNameLengthLimit. |
enforcedLabelValueLengthLimit
|
integer
|
When not null, enforcedLabelValueLengthLimit defines a global limit on the length
of labels value per sample. The value overrides any spec.labelValueLengthLimit set by
ServiceMonitor, PodMonitor, Probe objects unless spec.labelValueLengthLimit is
greater than zero and less than spec.enforcedLabelValueLengthLimit .
It requires prometheus >= v2.27.0.
When both enforcedLabelValueLengthLimit and labelValueLengthLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined labelValueLengthLimit value will inherit the global labelValueLengthLimit value (prometheus >= 2.45.0) or the enforcedLabelValueLengthLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedLabelValueLengthLimit is greater than the labelValueLengthLimit , the labelValueLengthLimit will be set to enforcedLabelValueLengthLimit .
* Scrape objects with a labelValueLengthLimit value less than or equal to enforcedLabelValueLengthLimit keep their specific value.
* Scrape objects with a labelValueLengthLimit value greater than enforcedLabelValueLengthLimit are set to enforcedLabelValueLengthLimit. |
enforcedNamespaceLabel
|
string
|
When not empty, a label will be added to:
1. All metrics scraped from ServiceMonitor , PodMonitor , Probe and ScrapeConfig objects.
2. All metrics generated from recording rules defined in prometheusRule objects.
3. All alerts generated from alerting rules defined in prometheusRule objects.
4. All vector selectors of PromQL expressions defined in prometheusRule objects.
The label will not added for objects referenced in spec.excludedFromEnforcement .
The label’s name is this field’s value.
The label’s value is the namespace of the ServiceMonitor ,
PodMonitor , Probe , prometheusRule or ScrapeConfig object. |
enforcedSampleLimit
|
integer
|
When defined, enforcedSampleLimit specifies a global limit on the number
of scraped samples that will be accepted. This overrides any
spec.sampleLimit set by ServiceMonitor, PodMonitor, Probe objects
unless spec.sampleLimit is greater than zero and less than
spec.enforcedSampleLimit .
It is meant to be used by admins to keep the overall number of
samples/series under a desired limit.
When both enforcedSampleLimit and sampleLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined sampleLimit value will inherit the global sampleLimit value (prometheus >= 2.45.0) or the enforcedSampleLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedSampleLimit is greater than the sampleLimit , the sampleLimit will be set to enforcedSampleLimit .
* Scrape objects with a sampleLimit value less than or equal to enforcedSampleLimit keep their specific value.
* Scrape objects with a sampleLimit value greater than enforcedSampleLimit are set to enforcedSampleLimit. |
enforcedTargetLimit
|
integer
|
When defined, enforcedTargetLimit specifies a global limit on the number
of scraped targets. The value overrides any spec.targetLimit set by
ServiceMonitor, PodMonitor, Probe objects unless spec.targetLimit is
greater than zero and less than spec.enforcedTargetLimit .
It is meant to be used by admins to to keep the overall number of
targets under a desired limit.
When both enforcedTargetLimit and targetLimit are defined and greater than zero, the following rules apply:
* Scrape objects without a defined targetLimit value will inherit the global targetLimit value (prometheus >= 2.45.0) or the enforcedTargetLimit value (prometheus < v2.45.0).
If prometheus version is >= 2.45.0 and the enforcedTargetLimit is greater than the targetLimit , the targetLimit will be set to enforcedTargetLimit .
* Scrape objects with a targetLimit value less than or equal to enforcedTargetLimit keep their specific value.
* Scrape objects with a targetLimit value greater than enforcedTargetLimit are set to enforcedTargetLimit. |
evaluationInterval
|
string
|
Interval between rule evaluations.
Default: "30s" |
excludedFromEnforcement
|
array
|
List of references to PodMonitor, ServiceMonitor, Probe and prometheusRule objects
to be excluded from enforcing a namespace label of origin.
It is only applicable if spec.enforcedNamespaceLabel set to true. |
excludedFromEnforcement[]
|
object
|
ObjectReference references a PodMonitor, ServiceMonitor, Probe or prometheusRule object. |
exemplars
|
object
|
Exemplars related settings that are runtime reloadable.
It requires to enable the exemplar-storage feature flag to be effective. |
externalLabels
|
object (string)
|
The labels to add to any time series or alerts when communicating with
external systems (federation, remote storage, Alertmanager).
Labels defined by spec.replicaExternalLabelName and
spec.prometheusExternalLabelName take precedence over this list. |
externalUrl
|
string
|
The external URL under which the prometheus service is externally
available. This is necessary to generate correct URLs (for instance if
prometheus is accessible behind an Ingress resource). |
hostAliases
|
array
|
Optional list of hosts and IPs that will be injected into the Pod’s
hosts file if specified. |
hostAliases[]
|
object
|
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the
pod’s hosts file. |
hostNetwork
|
boolean
|
Use the host’s network namespace if true.
Make sure to understand the security implications if you want to enable
it (https://kubernetes.io/docs/concepts/configuration/overview/).
When hostNetwork is enabled, this will set the DNS policy to
ClusterFirstWithHostNet automatically (unless .spec.DNSPolicy is set
to a different value). |
ignoreNamespaceSelectors
|
boolean
|
When true, spec.namespaceSelector from all PodMonitor, ServiceMonitor
and Probe objects will be ignored. They will only discover targets
within the namespace of the PodMonitor, ServiceMonitor and Probe
object. |
image
|
string
|
Container image name for prometheus. If specified, it takes precedence
over the spec.baseImage , spec.tag and spec.sha fields.
Specifying spec.version is still necessary to ensure the prometheus
Operator knows which version of prometheus is being configured.
If neither spec.image nor spec.baseImage are defined, the operator
will use the latest upstream version of prometheus available at the time
when the operator was released. |
imagePullPolicy
|
string
|
Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers.
See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. |
imagePullSecrets
|
array
|
An optional list of references to Secrets in the same namespace
to use for pulling images from registries.
See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod |
imagePullSecrets[]
|
object
|
LocalObjectReference contains enough information to let you locate the
referenced object inside the same namespace. |
initContainers
|
array
|
InitContainers allows injecting initContainers to the Pod definition. Those
can be used to e.g. fetch secrets for injection into the prometheus
configuration from external sources. Any errors during the execution of
an initContainer will lead to a restart of the Pod. More info:
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
InitContainers described here modify an operator generated init
containers if they share the same name and modifications are done via a
strategic merge patch.
The names of init container name managed by the operator are:
* init-config-reloader .
Overriding init containers is entirely outside the scope of what the
maintainers will support and by doing so, you accept that this behaviour
may break at any time without notice. |
initContainers[]
|
object
|
A single application container that you want to run within a pod. |
keepDroppedTargets
|
integer
|
Per-scrape limit on the number of targets dropped by relabeling
that will be kept in memory. 0 means no limit.
It requires prometheus >= v2.47.0.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedKeepDroppedTargets. |
labelLimit
|
integer
|
Per-scrape limit on number of labels that will be accepted for a sample.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelLimit. |
labelNameLengthLimit
|
integer
|
Per-scrape limit on length of labels name that will be accepted for a sample.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelNameLengthLimit. |
labelValueLengthLimit
|
integer
|
Per-scrape limit on length of labels value that will be accepted for a sample.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedLabelValueLengthLimit. |
listenLocal
|
boolean
|
When true, the prometheus server listens on the loopback address
instead of the Pod IP’s address. |
logFormat
|
string
|
Log format for Log level for prometheus and the config-reloader sidecar. |
logLevel
|
string
|
Log level for prometheus and the config-reloader sidecar. |
maximumStartupDurationSeconds
|
integer
|
Defines the maximum time that the prometheus container’s startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete.
If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). |
minReadySeconds
|
integer
|
Minimum number of seconds for which a newly created Pod should be ready
without any of its container crashing for it to be considered available.
Defaults to 0 (pod will be considered available as soon as it is ready)
This is an alpha field from kubernetes 1.22 until 1.24 which requires
enabling the StatefulSetMinReadySeconds feature gate. |
nodeSelector
|
object (string)
|
Defines on which Nodes the Pods are scheduled. |
otlp
|
object
|
Settings related to the OTLP receiver feature.
It requires prometheus >= v2.55.0. |
overrideHonorLabels
|
boolean
|
When true, prometheus resolves label conflicts by renaming the labels in the scraped data
to “exported_” for all targets created from ServiceMonitor, PodMonitor and
ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
In practice,overrideHonorLaels:true enforces honorLabels:false
for all ServiceMonitor, PodMonitor and ScrapeConfig objects. |
overrideHonorTimestamps
|
boolean
|
When true, prometheus ignores the timestamps for all the targets created
from service and pod monitors.
Otherwise the HonorTimestamps field of the service or pod monitor applies. |
paused
|
boolean
|
When a prometheus deployment is paused, no actions except for deletion
will be performed on the underlying objects. |
persistentVolumeClaimRetentionPolicy
|
object
|
The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet.
The default behavior is all PVCs are retained.
This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26.
It requires enabling the StatefulSetAutoDeletePVC feature gate. |
podMetadata
|
object
|
PodMetadata configures labels and annotations which are propagated to the prometheus pods.
The following items are reserved and cannot be overridden:
* "prometheus" label, set to the name of the prometheus object.
* "app.kubernetes.io/instance" label, set to the name of the prometheus object.
* "app.kubernetes.io/managed-by" label, set to "prometheus-operator".
* "app.kubernetes.io/name" label, set to "prometheus".
* "app.kubernetes.io/version" label, set to the prometheus version.
* "operator.prometheus.io/name" label, set to the name of the prometheus object.
* "operator.prometheus.io/shard" label, set to the shard number of the prometheus object.
* "kubectl.kubernetes.io/default-container" annotation, set to "prometheus". |
podMonitorNamespaceSelector
|
object
|
Namespaces to match for PodMonitors discovery. An empty label selector
matches all namespaces. A null label selector (default value) matches the current
namespace only. |
podMonitorSelector
|
object
|
PodMonitors to be selected for target discovery. An empty label selector
matches all objects. A null label selector matches no objects.
If spec.serviceMonitorSelector , spec.podMonitorSelector , spec.probeSelector
and spec.scrapeConfigSelector are null, the prometheus configuration is unmanaged.
The prometheus operator will ensure that the prometheus configuration’s
Secret exists, but it is the responsibility of the user to provide the raw
gzipped prometheus configuration under the prometheus.yaml.gz key.
This behavior is deprecated and will be removed in the next major version
of the custom resource definition. It is recommended to use
spec.additionalScrapeConfigs instead. |
podTargetLabels
|
array (string)
|
PodTargetLabels are appended to the spec.podTargetLabels field of all
PodMonitor and ServiceMonitor objects. |
portName
|
string
|
Port name used for the pods and governing service.
Default: "web" |
priorityClassName
|
string
|
Priority class assigned to the Pods. |
probeNamespaceSelector
|
object
|
Namespaces to match for Probe discovery. An empty label
selector matches all namespaces. A null label selector matches the
current namespace only. |
probeSelector
|
object
|
Probes to be selected for target discovery. An empty label selector
matches all objects. A null label selector matches no objects.
If spec.serviceMonitorSelector , spec.podMonitorSelector , spec.probeSelector
and spec.scrapeConfigSelector are null, the prometheus configuration is unmanaged.
The prometheus operator will ensure that the prometheus configuration’s
Secret exists, but it is the responsibility of the user to provide the raw
gzipped prometheus configuration under the prometheus.yaml.gz key.
This behavior is deprecated and will be removed in the next major version
of the custom resource definition. It is recommended to use
spec.additionalScrapeConfigs instead. |
prometheusExternalLabelName
|
string
|
Name of prometheus external label used to denote the prometheus instance
name. The external label will not be added when the field is set to
the empty string ("" ).
Default: "prometheus" |
prometheusRulesExcludedFromEnforce
|
array
|
Defines the list of prometheusRule objects to which the namespace label
enforcement doesn’t apply.
This is only relevant when spec.enforcedNamespaceLabel is set to true.
Deprecated: use spec.excludedFromEnforcement instead. |
prometheusRulesExcludedFromEnforce[]
|
object
|
prometheusRuleExcludeConfig enables users to configure excluded
prometheusRule names and their namespaces to be ignored while enforcing
namespace label for alerts and metrics. |
query
|
object
|
QuerySpec defines the configuration of the Promethus query service. |
queryLogFile
|
string
|
queryLogFile specifies where the file to which PromQL queries are logged.
If the filename has an empty path, e.g. 'query.log', The prometheus Pods
will mount the file into an emptyDir volume at /var/log/prometheus .
If a full path is provided, e.g. '/var/log/prometheus/query.log', you
must mount a volume in the specified directory and it must be writable.
This is because the prometheus container runs with a read-only root
filesystem for security reasons.
Alternatively, the location can be set to a standard I/O stream, e.g.
/dev/stdout , to log query information to the default prometheus log
stream. |
reloadStrategy
|
string
|
Defines the strategy used to reload the prometheus configuration.
If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. |
remoteRead
|
array
|
Defines the list of remote read configurations. |
remoteRead[]
|
object
|
RemoteReadSpec defines the configuration for prometheus to read back samples
from a remote endpoint. |
remoteWrite
|
array
|
Defines the list of remote write configurations. |
remoteWrite[]
|
object
|
RemoteWriteSpec defines the configuration to write samples from prometheus
to a remote endpoint. |
remoteWriteReceiverMessageVersions
|
array (string)
|
List of the protobuf message versions to accept when receiving the
remote writes.
It requires prometheus >= v2.54.0. |
replicaExternalLabelName
|
string
|
Name of prometheus external label used to denote the replica name.
The external label will not be added when the field is set to the
empty string ("" ).
Default: "prometheus_replica" |
replicas
|
integer
|
Number of replicas of each shard to deploy for a prometheus deployment.
spec.replicas multiplied by spec.shards is the total number of Pods
created.
Default: 1 |
resources
|
object
|
Defines the resources requests and limits of the 'prometheus' container. |
retention
|
string
|
How long to retain the prometheus data.
Default: "24h" if spec.retention and spec.retentionSize are empty. |
retentionSize
|
string
|
Maximum number of bytes used by the prometheus data. |
routePrefix
|
string
|
The route prefix prometheus registers HTTP handlers for.
This is useful when using spec.externalURL , and a proxy is rewriting
HTTP routes of a request, and the actual ExternalURL is still true, but
the server serves requests under a different route prefix. For example
for use with kubectl proxy . |
ruleNamespaceSelector
|
object
|
Namespaces to match for prometheusRule discovery. An empty label selector
matches all namespaces. A null label selector matches the current
namespace only. |
ruleQueryOffset
|
string
|
Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past.
It requires prometheus >= v2.53.0. |
ruleSelector
|
object
|
prometheusRule objects to be selected for rule evaluation. An empty
label selector matches all objects. A null label selector matches no
objects. |
rules
|
object
|
Defines the configuration of the prometheus rules' engine. |
runtime
|
object
|
RuntimeConfig configures the values for the prometheus process behavior |
sampleLimit
|
integer
|
SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit. |
scrapeClasses
|
array
|
List of scrape classes to expose to scraping objects such as
PodMonitors, ServiceMonitors, Probes and ScrapeConfigs.
This is an experimental feature, it may change in any upcoming release
in a breaking way. |
scrapeClasses[]
|
object
|
|
scrapeConfigNamespaceSelector
|
object
|
Namespaces to match for ScrapeConfig discovery. An empty label selector
matches all namespaces. A null label selector matches the current
namespace only.
Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
scrapeConfigSelector
|
object
|
ScrapeConfigs to be selected for target discovery. An empty label
selector matches all objects. A null label selector matches no objects.
If spec.serviceMonitorSelector , spec.podMonitorSelector , spec.probeSelector
and spec.scrapeConfigSelector are null, the prometheus configuration is unmanaged.
The prometheus operator will ensure that the prometheus configuration’s
Secret exists, but it is the responsibility of the user to provide the raw
gzipped prometheus configuration under the prometheus.yaml.gz key.
This behavior is deprecated and will be removed in the next major version
of the custom resource definition. It is recommended to use
spec.additionalScrapeConfigs instead.
Note that the ScrapeConfig custom resource definition is currently at Alpha level. |
scrapeInterval
|
string
|
Interval between consecutive scrapes.
Default: "30s" |
scrapeProtocols
|
array (string)
|
The protocols to negotiate during a scrape. It tells clients the
protocols supported by prometheus in order of preference (from most to least preferred).
If unset, prometheus uses its default value.
It requires prometheus >= v2.49.0. |
scrapeTimeout
|
string
|
Number of seconds to wait until a scrape request times out. |
secrets
|
array (string)
|
Secrets is a list of Secrets in the same namespace as the prometheus
object, which shall be mounted into the prometheus Pods.
Each Secret is added to the StatefulSet definition as a volume named secret-<secret-name> .
The Secrets are mounted into /etc/prometheus/secrets/<secret-name> in the 'prometheus' container. |
securityContext
|
object
|
SecurityContext holds pod-level security attributes and common container settings.
This defaults to the default PodSecurityContext. |
serviceAccountName
|
string
|
ServiceAccountName is the name of the ServiceAccount to use to run the
prometheus Pods. |
serviceDiscoveryRole
|
string
|
Defines the service discovery role used to discover targets from
ServiceMonitor objects and Alertmanager endpoints.
If set, the value should be either "Endpoints" or "EndpointSlice".
If unset, the operator assumes the "Endpoints" role. |
serviceMonitorNamespaceSelector
|
object
|
Namespaces to match for ServicedMonitors discovery. An empty label selector
matches all namespaces. A null label selector (default value) matches the current
namespace only. |
serviceMonitorSelector
|
object
|
ServiceMonitors to be selected for target discovery. An empty label
selector matches all objects. A null label selector matches no objects.
If spec.serviceMonitorSelector , spec.podMonitorSelector , spec.probeSelector
and spec.scrapeConfigSelector are null, the prometheus configuration is unmanaged.
The prometheus operator will ensure that the prometheus configuration’s
Secret exists, but it is the responsibility of the user to provide the raw
gzipped prometheus configuration under the prometheus.yaml.gz key.
This behavior is deprecated and will be removed in the next major version
of the custom resource definition. It is recommended to use
spec.additionalScrapeConfigs instead. |
sha
|
string
|
Deprecated: use 'spec.image' instead. The image’s digest can be specified as part of the image name. |
shards
|
integer
|
Number of shards to distribute targets onto. spec.replicas
multiplied by spec.shards is the total number of Pods created.
Note that scaling down shards will not reshard data onto remaining
instances, it must be manually moved. Increasing shards will not reshard
data either but it will continue to be available from the same
instances. To query globally, use Thanos sidecar and Thanos querier or
remote write data to a central location.
Sharding is performed on the content of the address target meta-label
for PodMonitors and ServiceMonitors and param_target for Probes.
Default: 1 |
storage
|
object
|
Storage defines the storage used by prometheus. |
tag
|
string
|
Deprecated: use 'spec.image' instead. The image’s tag can be specified as part of the image name. |
targetLimit
|
integer
|
TargetLimit defines a limit on the number of scraped targets that will be accepted.
Only valid in prometheus versions 2.45.0 and newer.
Note that the global limit only applies to scrape objects that don’t specify an explicit limit value.
If you want to enforce a maximum limit for all scrape objects, refer to enforcedTargetLimit. |
thanos
|
object
|
Defines the configuration of the optional Thanos sidecar. |
tolerations
|
array
|
Defines the Pods' tolerations if specified. |
tolerations[]
|
object
|
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>. |
topologySpreadConstraints
|
array
|
Defines the pod’s topology spread constraints if specified. |
topologySpreadConstraints[]
|
object
|
|
tracingConfig
|
object
|
TracingConfig configures tracing in prometheus.
This is an experimental feature, it may change in any upcoming release
in a breaking way. |
tsdb
|
object
|
Defines the runtime reloadable configuration of the timeseries database(TSDB).
It requires prometheus >= v2.39.0 or prometheusAgent >= v2.54.0. |
version
|
string
|
Version of prometheus being deployed. The operator uses this information
to generate the prometheus StatefulSet + configuration files.
If not specified, the operator assumes the latest upstream version of
prometheus available at the time when the version of the operator was
released. |
volumeMounts
|
array
|
VolumeMounts allows the configuration of additional VolumeMounts.
VolumeMounts will be appended to other VolumeMounts in the 'prometheus'
container, that are generated as a result of StorageSpec objects. |
volumeMounts[]
|
object
|
VolumeMount describes a mounting of a Volume within a container. |
volumes
|
array
|
Volumes allows the configuration of additional volumes on the output
StatefulSet definition. Volumes specified will be appended to other
volumes that are generated as a result of StorageSpec objects. |
volumes[]
|
object
|
Volume represents a named volume in a pod that may be accessed by any container in the pod. |
walCompression
|
boolean
|
Configures compression of the write-ahead log (WAL) using Snappy.
WAL compression is enabled by default for prometheus >= 2.20.0
Requires prometheus v2.11.0 and above. |
web
|
object
|
Defines the configuration of the prometheus web server. |