From 48ae960e42772f48db1da663db974d5a29255c06 Mon Sep 17 00:00:00 2001 From: Youngjin Jo Date: Tue, 16 Apr 2024 12:44:46 +0900 Subject: [PATCH] feat: update grafana/k8s-monitoring:0.13.4 Signed-off-by: Youngjin Jo --- charts/k8s-monitoring/Chart.lock | 16 +- charts/k8s-monitoring/Chart.yaml | 16 +- charts/k8s-monitoring/README.md | 14 +- .../charts/grafana-agent/CHANGELOG.md | 7 + .../charts/grafana-agent/Chart.lock | 2 +- .../charts/grafana-agent/Chart.yaml | 4 +- .../charts/grafana-agent/README.md | 2 +- .../grafana-agent/ci/nonroot-values.yaml | 7 + .../k8s-monitoring/charts/opencost/Chart.yaml | 2 +- .../k8s-monitoring/charts/opencost/README.md | 12 +- .../charts/opencost/README.md.gotmpl | 3 + .../charts/opencost/templates/deployment.yaml | 16 +- .../charts/opencost/values.yaml | 16 +- .../prometheus-operator-crds/Chart.lock | 2 +- .../prometheus-operator-crds/Chart.yaml | 4 +- .../templates/crd-alertmanagerconfigs.yaml | 10 +- .../crds/templates/crd-alertmanagers.yaml | 20 +- .../crds/templates/crd-podmonitors.yaml | 10 +- .../charts/crds/templates/crd-probes.yaml | 4 +- .../crds/templates/crd-prometheusagents.yaml | 196 +- .../crds/templates/crd-prometheuses.yaml | 222 +- .../crds/templates/crd-prometheusrules.yaml | 4 +- .../crds/templates/crd-scrapeconfigs.yaml | 2060 ++++++++++++++--- .../crds/templates/crd-servicemonitors.yaml | 10 +- .../crds/templates/crd-thanosrulers.yaml | 217 +- charts/k8s-monitoring/docs/HelmTests.md | 130 ++ charts/k8s-monitoring/docs/Troubleshooting.md | 35 +- .../agent_config/_profiles_ebpf.river.txt | 4 +- .../agent_config/_profiles_pprof.river.txt | 7 +- charts/k8s-monitoring/values.yaml | 191 +- 30 files changed, 2705 insertions(+), 538 deletions(-) create mode 100644 charts/k8s-monitoring/charts/grafana-agent/ci/nonroot-values.yaml create mode 100644 charts/k8s-monitoring/docs/HelmTests.md diff --git a/charts/k8s-monitoring/Chart.lock b/charts/k8s-monitoring/Chart.lock index 0842587..8a73412 100644 --- a/charts/k8s-monitoring/Chart.lock +++ b/charts/k8s-monitoring/Chart.lock @@ -1,16 +1,16 @@ dependencies: - name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - name: kube-state-metrics repository: https://prometheus-community.github.io/helm-charts version: 5.18.1 @@ -19,12 +19,12 @@ dependencies: version: 4.32.0 - name: prometheus-operator-crds repository: https://prometheus-community.github.io/helm-charts - version: 10.0.0 + version: 11.0.0 - name: prometheus-windows-exporter repository: https://prometheus-community.github.io/helm-charts version: 0.3.1 - name: opencost repository: https://opencost.github.io/opencost-helm-chart - version: 1.33.1 -digest: sha256:9d5edfce638e0c137814e1dd36459f32283f765a9cdfd48d976e69ef6b6ce4f8 -generated: "2024-04-05T00:16:39.628394092Z" + version: 1.33.3 +digest: sha256:c6d6d90f49a350e95901c3eb6929e1df0e3a77946d266302a7a4efa01f62dc24 +generated: "2024-04-15T11:05:34.968771-05:00" diff --git a/charts/k8s-monitoring/Chart.yaml b/charts/k8s-monitoring/Chart.yaml index a9c3ff7..37fcc7d 100644 --- a/charts/k8s-monitoring/Chart.yaml +++ b/charts/k8s-monitoring/Chart.yaml @@ -1,24 +1,24 @@ apiVersion: v2 -appVersion: 2.1.3 +appVersion: 2.2.0 dependencies: - name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - alias: grafana-agent-events condition: logs.cluster_events.enabled name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - alias: grafana-agent-logs condition: logs.pod_logs.enabled name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - alias: grafana-agent-profiles condition: profiles.enabled name: grafana-agent repository: https://grafana.github.io/helm-charts - version: 0.37.0 + version: 0.38.0 - condition: kube-state-metrics.enabled name: kube-state-metrics repository: https://prometheus-community.github.io/helm-charts @@ -30,7 +30,7 @@ dependencies: - condition: prometheus-operator-crds.enabled name: prometheus-operator-crds repository: https://prometheus-community.github.io/helm-charts - version: 10.0.0 + version: 11.0.0 - condition: prometheus-windows-exporter.enabled name: prometheus-windows-exporter repository: https://prometheus-community.github.io/helm-charts @@ -38,7 +38,7 @@ dependencies: - condition: opencost.enabled name: opencost repository: https://opencost.github.io/opencost-helm-chart - version: 1.33.1 + version: 1.33.3 description: A Helm chart for gathering, scraping, and forwarding Kubernetes telemetry data to a Grafana Stack. icon: https://raw.githubusercontent.com/grafana/grafana/main/public/img/grafana_icon.svg @@ -51,4 +51,4 @@ name: k8s-monitoring sources: - https://github.com/grafana/k8s-monitoring-helm/tree/main/charts/k8s-monitoring type: application -version: 0.13.1 +version: 0.13.4 diff --git a/charts/k8s-monitoring/README.md b/charts/k8s-monitoring/README.md index e779f66..dbcbdde 100644 --- a/charts/k8s-monitoring/README.md +++ b/charts/k8s-monitoring/README.md @@ -3,7 +3,7 @@ # k8s-monitoring -![Version: 0.13.1](https://img.shields.io/badge/Version-0.13.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.1.3](https://img.shields.io/badge/AppVersion-2.1.3-informational?style=flat-square) +![Version: 0.13.4](https://img.shields.io/badge/Version-0.13.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.2.0](https://img.shields.io/badge/AppVersion-2.2.0-informational?style=flat-square) A Helm chart for gathering, scraping, and forwarding Kubernetes telemetry data to a Grafana Stack. @@ -101,14 +101,14 @@ The Prometheus and Loki services may be hosted on the same cluster, or remotely | Repository | Name | Version | |------------|------|---------| -| https://grafana.github.io/helm-charts | grafana-agent | 0.37.0 | -| https://grafana.github.io/helm-charts | grafana-agent-events(grafana-agent) | 0.37.0 | -| https://grafana.github.io/helm-charts | grafana-agent-logs(grafana-agent) | 0.37.0 | -| https://grafana.github.io/helm-charts | grafana-agent-profiles(grafana-agent) | 0.37.0 | -| https://opencost.github.io/opencost-helm-chart | opencost | 1.33.1 | +| https://grafana.github.io/helm-charts | grafana-agent | 0.38.0 | +| https://grafana.github.io/helm-charts | grafana-agent-events(grafana-agent) | 0.38.0 | +| https://grafana.github.io/helm-charts | grafana-agent-logs(grafana-agent) | 0.38.0 | +| https://grafana.github.io/helm-charts | grafana-agent-profiles(grafana-agent) | 0.38.0 | +| https://opencost.github.io/opencost-helm-chart | opencost | 1.33.3 | | https://prometheus-community.github.io/helm-charts | kube-state-metrics | 5.18.1 | | https://prometheus-community.github.io/helm-charts | prometheus-node-exporter | 4.32.0 | -| https://prometheus-community.github.io/helm-charts | prometheus-operator-crds | 10.0.0 | +| https://prometheus-community.github.io/helm-charts | prometheus-operator-crds | 11.0.0 | | https://prometheus-community.github.io/helm-charts | prometheus-windows-exporter | 0.3.1 | ## Values diff --git a/charts/k8s-monitoring/charts/grafana-agent/CHANGELOG.md b/charts/k8s-monitoring/charts/grafana-agent/CHANGELOG.md index 89b63a6..b38a40c 100644 --- a/charts/k8s-monitoring/charts/grafana-agent/CHANGELOG.md +++ b/charts/k8s-monitoring/charts/grafana-agent/CHANGELOG.md @@ -7,6 +7,13 @@ This document contains a historical list of changes between releases. Only changes that impact end-user behavior are listed; changes to documentation or internal API changes are not present. +0.38.0 (2024-04-12) +---------- + +### Enhancements + +- Update Grafana Agent version to v0.40.4. (@ptodev) + 0.37.0 (2024-03-14) ---------- diff --git a/charts/k8s-monitoring/charts/grafana-agent/Chart.lock b/charts/k8s-monitoring/charts/grafana-agent/Chart.lock index a815e19..f24ded8 100644 --- a/charts/k8s-monitoring/charts/grafana-agent/Chart.lock +++ b/charts/k8s-monitoring/charts/grafana-agent/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: "" version: 0.0.0 digest: sha256:1980431a3d80822fca2e67e9cf16ff7a7f8d1dc87deb9e44d50e85e3e8e33a81 -generated: "2024-03-14T17:06:58.169147702Z" +generated: "2024-04-12T14:53:43.763263778Z" diff --git a/charts/k8s-monitoring/charts/grafana-agent/Chart.yaml b/charts/k8s-monitoring/charts/grafana-agent/Chart.yaml index 7058ef7..6d76548 100644 --- a/charts/k8s-monitoring/charts/grafana-agent/Chart.yaml +++ b/charts/k8s-monitoring/charts/grafana-agent/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.40.3 +appVersion: v0.40.4 dependencies: - condition: crds.create name: crds @@ -8,4 +8,4 @@ dependencies: description: Grafana Agent name: grafana-agent type: application -version: 0.37.0 +version: 0.38.0 diff --git a/charts/k8s-monitoring/charts/grafana-agent/README.md b/charts/k8s-monitoring/charts/grafana-agent/README.md index 66990c6..4952ca2 100644 --- a/charts/k8s-monitoring/charts/grafana-agent/README.md +++ b/charts/k8s-monitoring/charts/grafana-agent/README.md @@ -1,6 +1,6 @@ # Grafana Agent Helm chart -![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.37.0](https://img.shields.io/badge/Version-0.37.0-informational?style=flat-square) ![AppVersion: v0.40.3](https://img.shields.io/badge/AppVersion-v0.40.3-informational?style=flat-square) +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.38.0](https://img.shields.io/badge/Version-0.38.0-informational?style=flat-square) ![AppVersion: v0.40.4](https://img.shields.io/badge/AppVersion-v0.40.4-informational?style=flat-square) Helm chart for deploying [Grafana Agent][] to Kubernetes. diff --git a/charts/k8s-monitoring/charts/grafana-agent/ci/nonroot-values.yaml b/charts/k8s-monitoring/charts/grafana-agent/ci/nonroot-values.yaml new file mode 100644 index 0000000..be6b79d --- /dev/null +++ b/charts/k8s-monitoring/charts/grafana-agent/ci/nonroot-values.yaml @@ -0,0 +1,7 @@ +global: + podSecurityContext: + fsGroup: 473 +agent: + securityContext: + runAsUser: 473 + runAsGroup: 473 diff --git a/charts/k8s-monitoring/charts/opencost/Chart.yaml b/charts/k8s-monitoring/charts/opencost/Chart.yaml index b8d9430..b89625d 100644 --- a/charts/k8s-monitoring/charts/opencost/Chart.yaml +++ b/charts/k8s-monitoring/charts/opencost/Chart.yaml @@ -16,4 +16,4 @@ maintainers: name: brito-rafa name: opencost type: application -version: 1.33.1 +version: 1.33.3 diff --git a/charts/k8s-monitoring/charts/opencost/README.md b/charts/k8s-monitoring/charts/opencost/README.md index 4d3d603..2509217 100644 --- a/charts/k8s-monitoring/charts/opencost/README.md +++ b/charts/k8s-monitoring/charts/opencost/README.md @@ -2,9 +2,11 @@ OpenCost and OpenCost UI -![Version: 1.33.1](https://img.shields.io/badge/Version-1.33.1-informational?style=flat-square) +![Version: 1.33.3](https://img.shields.io/badge/Version-1.33.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.109.0](https://img.shields.io/badge/AppVersion-1.109.0-informational?style=flat-square) +[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/opencost)](https://artifacthub.io/packages/search?repo=opencost) +[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/opencost-oci)](https://artifacthub.io/packages/search?repo=opencost-oci) ## Maintainers @@ -95,10 +97,10 @@ $ helm install opencost opencost/opencost | opencost.extraContainers | list | `[]` | extra sidecars to add to the pod. Useful for things like oauth-proxy for the UI | | opencost.metrics.config.disabledMetrics | list | `[]` | List of metrics to be disabled | | opencost.metrics.config.enabled | bool | `false` | Enables creating the metrics.json configuration as a ConfigMap | -| opencost.metrics.kubeStateMetrics.emitKsmV1Metrics | string | `""` | Enable emission of KSM v1 metrics | -| opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly | string | `""` | Enable only emission of KSM v1 metrics that do not exist in KSM 2 by default | -| opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations | string | `""` | Enable emission of namespace annotations | -| opencost.metrics.kubeStateMetrics.emitPodAnnotations | string | `""` | Enable emission of pod annotations | +| opencost.metrics.kubeStateMetrics.emitKsmV1Metrics | bool | `nil` | Enable emission of KSM v1 metrics | +| opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly | bool | `nil` | Enable only emission of KSM v1 metrics that do not exist in KSM 2 by default | +| opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations | bool | `nil` | Enable emission of namespace annotations | +| opencost.metrics.kubeStateMetrics.emitPodAnnotations | bool | `nil` | Enable emission of pod annotations | | opencost.metrics.serviceMonitor.additionalLabels | object | `{}` | Additional labels to add to the ServiceMonitor | | opencost.metrics.serviceMonitor.enabled | bool | `false` | Create ServiceMonitor resource for scraping metrics using PrometheusOperator | | opencost.metrics.serviceMonitor.extraEndpoints | list | `[]` | extra Endpoints to add to the ServiceMonitor. Useful for scraping sidecars | diff --git a/charts/k8s-monitoring/charts/opencost/README.md.gotmpl b/charts/k8s-monitoring/charts/opencost/README.md.gotmpl index 6747337..70e2411 100644 --- a/charts/k8s-monitoring/charts/opencost/README.md.gotmpl +++ b/charts/k8s-monitoring/charts/opencost/README.md.gotmpl @@ -5,6 +5,9 @@ {{ template "chart.versionBadge" . }} {{ template "chart.typeBadge" . }} {{ template "chart.appVersionBadge" . }} +[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/opencost)](https://artifacthub.io/packages/search?repo=opencost) +[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/opencost-oci)](https://artifacthub.io/packages/search?repo=opencost-oci) + {{ template "chart.maintainersSection" . }} diff --git a/charts/k8s-monitoring/charts/opencost/templates/deployment.yaml b/charts/k8s-monitoring/charts/opencost/templates/deployment.yaml index 2dd1660..cc42e65 100644 --- a/charts/k8s-monitoring/charts/opencost/templates/deployment.yaml +++ b/charts/k8s-monitoring/charts/opencost/templates/deployment.yaml @@ -204,21 +204,21 @@ spec: value: {{ .Values.opencost.cloudCost.queryWindowDays | quote }} - name: CLOUD_COST_RUN_WINDOW_DAYS value: {{ .Values.opencost.cloudCost.runWindowDays | quote }} - {{- if .Values.opencost.metrics.kubeStateMetrics.emitPodAnnotations }} + {{- if not (quote .Values.opencost.metrics.kubeStateMetrics.emitPodAnnotations | empty ) }} - name: EMIT_POD_ANNOTATIONS_METRIC - value: {{ ( .Values.opencost.metrics.kubeStateMetrics.emitPodAnnotations) | quote }} + value: {{ .Values.opencost.metrics.kubeStateMetrics.emitPodAnnotations | quote }} {{- end }} - {{- if .Values.opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations }} + {{- if not (quote .Values.opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations | empty ) }} - name: EMIT_NAMESPACE_ANNOTATIONS_METRIC - value: {{ ( .Values.opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations) | quote}} + value: {{ .Values.opencost.metrics.kubeStateMetrics.emitNamespaceAnnotations | quote }} {{- end }} - {{- if .Values.opencost.metrics.kubeStateMetrics.emitKsmV1Metrics }} + {{- if not (quote .Values.opencost.metrics.kubeStateMetrics.emitKsmV1Metrics | empty ) }} - name: EMIT_KSM_V1_METRICS - value: {{ ( .Values.opencost.metrics.kubeStateMetrics.emitKsmV1Metrics) | quote }} + value: {{ .Values.opencost.metrics.kubeStateMetrics.emitKsmV1Metrics | quote }} {{- end }} - {{- if .Values.opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly }} + {{- if not (quote .Values.opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly | empty ) }} - name: EMIT_KSM_V1_METRICS_ONLY - value: {{ ( .Values.opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly) | quote }} + value: {{ .Values.opencost.metrics.kubeStateMetrics.emitKsmV1MetricsOnly | quote }} {{- end }} # Add any additional provided variables {{- range $key, $value := .Values.opencost.exporter.extraEnv }} diff --git a/charts/k8s-monitoring/charts/opencost/values.yaml b/charts/k8s-monitoring/charts/opencost/values.yaml index 7a6d8b3..f8a4f00 100644 --- a/charts/k8s-monitoring/charts/opencost/values.yaml +++ b/charts/k8s-monitoring/charts/opencost/values.yaml @@ -259,14 +259,14 @@ opencost: metrics: kubeStateMetrics: - # -- Enable emission of pod annotations - emitPodAnnotations: "" - # -- Enable emission of namespace annotations - emitNamespaceAnnotations: "" - # -- Enable emission of KSM v1 metrics - emitKsmV1Metrics: "" - # -- Enable only emission of KSM v1 metrics that do not exist in KSM 2 by default - emitKsmV1MetricsOnly: "" + # -- (bool) Enable emission of pod annotations + emitPodAnnotations: ~ + # -- (bool) Enable emission of namespace annotations + emitNamespaceAnnotations: ~ + # -- (bool) Enable emission of KSM v1 metrics + emitKsmV1Metrics: ~ + # -- (bool) Enable only emission of KSM v1 metrics that do not exist in KSM 2 by default + emitKsmV1MetricsOnly: ~ serviceMonitor: # -- Create ServiceMonitor resource for scraping metrics using PrometheusOperator diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.lock b/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.lock index fe37eae..bbc2f19 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.lock +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: "" version: 0.0.0 digest: sha256:aeada3fbffa2565a325406ad014001fd2685f7c0c9cfc1167da4f10c75a1bd65 -generated: "2024-03-12T09:59:01.434712516Z" +generated: "2024-04-06T20:25:07.12586694Z" diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.yaml index f5a59cf..1983ce8 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/Chart.yaml @@ -10,7 +10,7 @@ annotations: - name: QuentinBisson email: quentin.bisson@gmail.com apiVersion: v2 -appVersion: v0.72.0 +appVersion: v0.73.0 dependencies: - name: crds repository: "" @@ -35,4 +35,4 @@ name: prometheus-operator-crds sources: - https://github.com/prometheus-community/helm-charts type: application -version: 10.0.0 +version: 11.0.0 diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml index 8da10fb..051cc4c 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -169,7 +169,7 @@ spec: by name (e.g 'January') by numerical month (e.g '1') or as an inclusive range (e.g 'January:March', '1:3', '1:March') - pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$) + pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9]))$)|$) type: string type: array times: @@ -1199,6 +1199,10 @@ spec: sendResolved: description: Whether to notify about resolved alerts. type: boolean + summary: + description: Message summary template. It requires Alertmanager + >= 0.27.0. + type: string text: description: Message body template. type: string diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml index b6ef3bc..977decd 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -1168,9 +1168,10 @@ spec: type: object x-kubernetes-map-type: atomic alertmanagerConfiguration: - description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the - configuration of Alertmanager. If defined, it takes precedence over - the `configSecret` field. This field may change in future releases.' + description: "alertmanagerConfiguration specifies the configuration + of Alertmanager. \n If defined, it takes precedence over the `configSecret` + field. \n This is an *experimental feature*, it may change in any + upcoming release in a breaking way." properties: global: description: Defines the global parameters of the Alertmanager @@ -3093,6 +3094,15 @@ spec: - name type: object type: array + enableFeatures: + description: "Enable access to Alertmanager feature flags. By default, + no features are enabled. Enabling features which are disabled by + default is entirely outside the scope of what the maintainers will + support and by doing so, you accept that this behaviour may break + at any time without notice. \n It requires Alertmanager >= 0.27.0." + items: + type: string + type: array externalUrl: description: The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml index bd1ab9e..88f0aff 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -53,6 +53,12 @@ spec: permission on the `Nodes` objects. type: boolean type: object + bodySizeLimit: + description: "When defined, bodySizeLimit specifies a job level limit + on the size of uncompressed response body that will be accepted + by Prometheus. \n It requires Prometheus >= v2.28.0." + pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string jobLabel: description: "The label to use to retrieve the job name from. `jobLabel` selects the label from the associated Kubernetes `Pod` object which diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml index cdc8093..c6807f1 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml index 9b23939..2258fa1 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -2764,9 +2764,9 @@ spec: limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and - less than than `spec.enforcedSampleLimit`. \n It is meant to be - used by admins to keep the overall number of samples/series under - a desired limit." + less than `spec.enforcedSampleLimit`. \n It is meant to be used + by admins to keep the overall number of samples/series under a desired + limit." format: int64 type: integer enforcedTargetLimit: @@ -4406,17 +4406,17 @@ spec: type: object x-kubernetes-map-type: atomic podMonitorSelector: - description: "*Experimental* PodMonitors to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "PodMonitors to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4475,9 +4475,9 @@ spec: description: Priority class assigned to the Pods. type: string probeNamespaceSelector: - description: '*Experimental* Namespaces to match for Probe discovery. - An empty label selector matches all namespaces. A null label selector - matches the current namespace only.' + description: Namespaces to match for Probe discovery. An empty label + selector matches all namespaces. A null label selector matches the + current namespace only. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4522,9 +4522,9 @@ spec: type: object x-kubernetes-map-type: atomic probeSelector: - description: "*Experimental* Probes to be selected for target discovery. - An empty label selector matches all objects. A null label selector - matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + description: "Probes to be selected for target discovery. An empty + label selector matches all objects. A null label selector matches + no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it @@ -4889,6 +4889,7 @@ spec: batchSendDeadline: description: BatchSendDeadline is the maximum time a sample will wait in buffer. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: Capacity is the number of samples to buffer @@ -4896,6 +4897,7 @@ spec: type: integer maxBackoff: description: MaxBackoff is the maximum retry delay. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: description: MaxRetries is the maximum number of times to @@ -4912,16 +4914,23 @@ spec: minBackoff: description: MinBackoff is the initial retry delay. Gets doubled for every retry. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: description: MinShards is the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: - description: Retry upon receiving a 429 status code from - the remote-write storage. This is experimental feature - and might change in the future. + description: "Retry upon receiving a 429 status code from + the remote-write storage. \n This is an *experimental + feature*, it may change in any upcoming release in a breaking + way." type: boolean + sampleAgeLimit: + description: SampleAgeLimit drops samples older than the + limit. It requires Prometheus >= v2.50.0. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string type: object remoteTimeout: description: Timeout for requests to the remote write endpoint. @@ -5283,9 +5292,10 @@ spec: format: int64 type: integer scrapeClasses: - description: EXPERIMENTAL List of scrape classes to expose to monitors - and other scrape configs. This is experimental feature and might - change in the future. + description: "List of scrape classes to expose to scraping objects + such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. + \n This is an *experimental feature*, it may change in any upcoming + release in a breaking way." items: properties: default: @@ -5297,6 +5307,88 @@ spec: description: Name of the scrape class. minLength: 1 type: string + relabelings: + description: "Relabelings configures the relabeling rules to + apply to all scrape targets. \n The Operator automatically + adds relabelings for a few standard Kubernetes fields like + `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. + Then the Operator adds the scrape class relabelings defined + here. Then the Operator adds the target-specific relabelings + defined in the scrape object. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular + expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." + type: string + type: object + type: array tlsConfig: description: TLSConfig section for scrapes. properties: @@ -5436,9 +5528,10 @@ spec: - name x-kubernetes-list-type: map scrapeConfigNamespaceSelector: - description: Namespaces to match for ScrapeConfig discovery. An empty + description: "Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches - the current current namespace only. + the current namespace only. \n Note that the ScrapeConfig custom + resource definition is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -5483,17 +5576,18 @@ spec: type: object x-kubernetes-map-type: atomic scrapeConfigSelector: - description: "*Experimental* ScrapeConfigs to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "ScrapeConfigs to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead. \n Note that the ScrapeConfig custom resource definition + is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -5847,13 +5941,13 @@ spec: type: object x-kubernetes-map-type: atomic shards: - description: "EXPERIMENTAL: Number of shards to distribute targets - onto. `spec.replicas` multiplied by `spec.shards` is the total number - of Pods created. \n Note that scaling down shards will not reshard - data onto remaining instances, it must be manually moved. Increasing - shards will not reshard data either but it will continue to be available - from the same instances. To query globally, use Thanos sidecar and - Thanos querier or remote write data to a central location. \n Sharding + description: "Number of shards to distribute targets onto. `spec.replicas` + multiplied by `spec.shards` is the total number of Pods created. + \n Note that scaling down shards will not reshard data onto remaining + instances, it must be manually moved. Increasing shards will not + reshard data either but it will continue to be available from the + same instances. To query globally, use Thanos sidecar and Thanos + querier or remote write data to a central location. \n Sharding is performed on the content of the `__address__` target meta-label for PodMonitors and ServiceMonitors and `__param_target__` for Probes. \n Default: 1" @@ -6811,9 +6905,9 @@ spec: type: object type: array tracingConfig: - description: 'EXPERIMENTAL: TracingConfig configures tracing in Prometheus. - This is an experimental feature, it may change in any upcoming release - in a breaking way.' + description: "TracingConfig configures tracing in Prometheus. \n This + is an *experimental feature*, it may change in any upcoming release + in a breaking way." properties: clientType: description: Client used to export the traces. Supported values diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml index 9a8b707..d787395 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -3176,9 +3176,9 @@ spec: limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and - less than than `spec.enforcedSampleLimit`. \n It is meant to be - used by admins to keep the overall number of samples/series under - a desired limit." + less than `spec.enforcedSampleLimit`. \n It is meant to be used + by admins to keep the overall number of samples/series under a desired + limit." format: int64 type: integer enforcedTargetLimit: @@ -4837,17 +4837,17 @@ spec: type: object x-kubernetes-map-type: atomic podMonitorSelector: - description: "*Experimental* PodMonitors to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "PodMonitors to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4906,9 +4906,9 @@ spec: description: Priority class assigned to the Pods. type: string probeNamespaceSelector: - description: '*Experimental* Namespaces to match for Probe discovery. - An empty label selector matches all namespaces. A null label selector - matches the current namespace only.' + description: Namespaces to match for Probe discovery. An empty label + selector matches all namespaces. A null label selector matches the + current namespace only. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4953,9 +4953,9 @@ spec: type: object x-kubernetes-map-type: atomic probeSelector: - description: "*Experimental* Probes to be selected for target discovery. - An empty label selector matches all objects. A null label selector - matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + description: "Probes to be selected for target discovery. An empty + label selector matches all objects. A null label selector matches + no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it @@ -5743,6 +5743,7 @@ spec: batchSendDeadline: description: BatchSendDeadline is the maximum time a sample will wait in buffer. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: Capacity is the number of samples to buffer @@ -5750,6 +5751,7 @@ spec: type: integer maxBackoff: description: MaxBackoff is the maximum retry delay. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: description: MaxRetries is the maximum number of times to @@ -5766,16 +5768,23 @@ spec: minBackoff: description: MinBackoff is the initial retry delay. Gets doubled for every retry. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: description: MinShards is the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: - description: Retry upon receiving a 429 status code from - the remote-write storage. This is experimental feature - and might change in the future. + description: "Retry upon receiving a 429 status code from + the remote-write storage. \n This is an *experimental + feature*, it may change in any upcoming release in a breaking + way." type: boolean + sampleAgeLimit: + description: SampleAgeLimit drops samples older than the + limit. It requires Prometheus >= v2.50.0. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string type: object remoteTimeout: description: Timeout for requests to the remote write endpoint. @@ -6263,9 +6272,10 @@ spec: format: int64 type: integer scrapeClasses: - description: EXPERIMENTAL List of scrape classes to expose to monitors - and other scrape configs. This is experimental feature and might - change in the future. + description: "List of scrape classes to expose to scraping objects + such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. + \n This is an *experimental feature*, it may change in any upcoming + release in a breaking way." items: properties: default: @@ -6277,6 +6287,88 @@ spec: description: Name of the scrape class. minLength: 1 type: string + relabelings: + description: "Relabelings configures the relabeling rules to + apply to all scrape targets. \n The Operator automatically + adds relabelings for a few standard Kubernetes fields like + `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. + Then the Operator adds the scrape class relabelings defined + here. Then the Operator adds the target-specific relabelings + defined in the scrape object. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular + expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." + type: string + type: object + type: array tlsConfig: description: TLSConfig section for scrapes. properties: @@ -6416,9 +6508,10 @@ spec: - name x-kubernetes-list-type: map scrapeConfigNamespaceSelector: - description: Namespaces to match for ScrapeConfig discovery. An empty + description: "Namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches - the current current namespace only. + the current namespace only. \n Note that the ScrapeConfig custom + resource definition is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -6463,17 +6556,18 @@ spec: type: object x-kubernetes-map-type: atomic scrapeConfigSelector: - description: "*Experimental* ScrapeConfigs to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "ScrapeConfigs to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead. \n Note that the ScrapeConfig custom resource definition + is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -6831,13 +6925,13 @@ spec: digest can be specified as part of the image name.' type: string shards: - description: "EXPERIMENTAL: Number of shards to distribute targets - onto. `spec.replicas` multiplied by `spec.shards` is the total number - of Pods created. \n Note that scaling down shards will not reshard - data onto remaining instances, it must be manually moved. Increasing - shards will not reshard data either but it will continue to be available - from the same instances. To query globally, use Thanos sidecar and - Thanos querier or remote write data to a central location. \n Sharding + description: "Number of shards to distribute targets onto. `spec.replicas` + multiplied by `spec.shards` is the total number of Pods created. + \n Note that scaling down shards will not reshard data onto remaining + instances, it must be manually moved. Increasing shards will not + reshard data either but it will continue to be available from the + same instances. To query globally, use Thanos sidecar and Thanos + querier or remote write data to a central location. \n Sharding is performed on the content of the `__address__` target meta-label for PodMonitors and ServiceMonitors and `__param_target__` for Probes. \n Default: 1" @@ -7582,9 +7676,7 @@ spec: format: int64 type: integer thanos: - description: "Defines the configuration of the optional Thanos sidecar. - \n This section is experimental, it may change significantly without - deprecation notice in any release." + description: Defines the configuration of the optional Thanos sidecar. properties: additionalArgs: description: AdditionalArgs allows setting additional arguments @@ -7904,10 +7996,10 @@ spec: type: string tracingConfig: description: "Defines the tracing configuration for the Thanos - sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ - \n This is an experimental feature, it may change in any upcoming - release in a breaking way. \n tracingConfigFile takes precedence - over this field." + sidecar. \n `tracingConfigFile` takes precedence over this field. + \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way." properties: key: description: The key of the secret to select from. Must be @@ -7927,10 +8019,10 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: "Defines the tracing configuration file for the Thanos - sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ - \n This is an experimental feature, it may change in any upcoming - release in a breaking way. \n This field takes precedence over - tracingConfig." + sidecar. \n This field takes precedence over `tracingConfig`. + \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way." type: string version: description: "Version of Thanos being deployed. The operator uses @@ -8200,9 +8292,9 @@ spec: type: object type: array tracingConfig: - description: 'EXPERIMENTAL: TracingConfig configures tracing in Prometheus. - This is an experimental feature, it may change in any upcoming release - in a breaking way.' + description: "TracingConfig configures tracing in Prometheus. \n This + is an *experimental feature*, it may change in any upcoming release + in a breaking way." properties: clientType: description: Client used to export the traces. Supported values @@ -8386,9 +8478,9 @@ spec: description: "Configures how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. \n An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of - the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). \n Out - of order ingestion is an experimental feature. \n It requires - Prometheus >= v2.39.0." + the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way. \n It requires Prometheus >= v2.39.0." pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml index 3722f4d..e8ec98d 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: prometheusrules.monitoring.coreos.com spec: group: monitoring.coreos.com diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml index b2cca3f..3343a9b 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: scrapeconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -955,43 +955,99 @@ spec: - names type: object type: array - ec2SDConfigs: - description: EC2SDConfigs defines a list of EC2 service discovery + dockerSDConfigs: + description: DockerSDConfigs defines a list of Docker service discovery configurations. items: - description: EC2SDConfig allow retrieving scrape targets from AWS - EC2 instances. The private IP address is used by default, but - may be changed to the public IP address with relabeling. The IAM - credentials used must have the ec2:DescribeInstances permission - to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config + description: Docker SD configurations allow retrieving scrape targets + from Docker Engine hosts. This SD discovers "containers" and will + create a target for each network IP and port the container is + configured to expose. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#docker_sd_config properties: - accessKey: - description: AccessKey is the AWS API key. + authorization: + description: Authorization header configuration to authenticate + against the Docker API. Cannot be set at the same time as + `oauth2`. properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key type: object - x-kubernetes-map-type: atomic + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean filters: - description: 'Filters can be used optionally to filter the instance - list by other criteria. Available filter criteria can be found - here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html - Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html' + description: Optional filters to limit the discovery process + to a subset of the available resources. items: - description: EC2Filter is the configuration for filtering - EC2 instances. + description: DockerFilter is the configuration to limit the + discovery process to a subset of available resources. properties: name: type: string @@ -1004,143 +1060,1466 @@ spec: - values type: object type: array - port: - description: The port to scrape metrics from. If using the public - IP address, this must instead be specified in the relabeling - rule. - type: integer - refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + host: + description: Address of the docker daemon + minLength: 1 type: string - region: - description: The AWS region + hostNetworkingHost: + description: The host to use if the container is in host networking + mode. type: string - roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. + noProxy: + description: "`noProxy` is a comma-separated string that can + contain IPs, CIDR notation, domain names that should be excluded + from proxying. IP and domain names can contain port numbers. + \n It requires Prometheus >= v2.43.0." type: string - secretKey: - description: SecretKey is the AWS API secret. + oauth2: + description: Optional OAuth 2.0 configuration. Cannot be set + at the same time as `authorization`. properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + clientId: + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes used for + the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch the + token from.' + minLength: 1 type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + required: + - clientId + - clientSecret + - tokenUrl + type: object + port: + description: The port to scrape metrics from. + type: integer + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: "ProxyConnectHeader optionally specifies headers + to send to proxies during CONNECT requests. \n It requires + Prometheus >= v2.43.0." + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined + by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. \n It requires + Prometheus >= v2.43.0." + type: boolean + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. + \n It requires Prometheus >= v2.43.0." + pattern: ^http(s)?://.+$ + type: string + refreshInterval: + description: Time after which the container is refreshed. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + tlsConfig: + description: TLS configuration applying to the target HTTP endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - host + type: object + type: array + ec2SDConfigs: + description: EC2SDConfigs defines a list of EC2 service discovery + configurations. + items: + description: EC2SDConfig allow retrieving scrape targets from AWS + EC2 instances. The private IP address is used by default, but + may be changed to the public IP address with relabeling. The IAM + credentials used must have the ec2:DescribeInstances permission + to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config + properties: + accessKey: + description: AccessKey is the AWS API key. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filters: + description: 'Filters can be used optionally to filter the instance + list by other criteria. Available filter criteria can be found + here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html' + items: + description: EC2Filter is the configuration for filtering + EC2 instances. + properties: + name: + type: string + values: + items: + type: string + type: array + required: + - name + - values + type: object + type: array + port: + description: The port to scrape metrics from. If using the public + IP address, this must instead be specified in the relabeling + rule. + type: integer + refreshInterval: + description: RefreshInterval configures the refresh interval + at which Prometheus will re-read the instance list. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + region: + description: The AWS region + type: string + roleARN: + description: AWS Role ARN, an alternative to using AWS API keys. + type: string + secretKey: + description: SecretKey is the AWS API secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + enableCompression: + description: "When false, Prometheus will request uncompressed response + from the scraped target. \n It requires Prometheus >= v2.49.0. \n + If unset, Prometheus uses true by default." + type: boolean + eurekaSDConfigs: + description: EurekaSDConfigs defines a list of Eureka service discovery + configurations. + items: + description: Eureka SD configurations allow retrieving scrape targets + using the Eureka REST API. Prometheus will periodically check + the REST endpoint and create a target for every app instance. + See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + noProxy: + description: "`noProxy` is a comma-separated string that can + contain IPs, CIDR notation, domain names that should be excluded + from proxying. IP and domain names can contain port numbers. + \n It requires Prometheus >= v2.43.0." + type: string + oauth2: + description: Optional OAuth 2.0 configuration. Cannot be set + at the same time as `authorization` or `basic_auth`. + properties: + clientId: + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes used for + the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch the + token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: "ProxyConnectHeader optionally specifies headers + to send to proxies during CONNECT requests. \n It requires + Prometheus >= v2.43.0." + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined + by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. \n It requires + Prometheus >= v2.43.0." + type: boolean + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. + \n It requires Prometheus >= v2.43.0." + pattern: ^http(s)?://.+$ + type: string + refreshInterval: + description: Refresh interval to re-read the instance list. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + server: + description: The URL to connect to the Eureka server. + minLength: 1 + type: string + tlsConfig: + description: TLS configuration applying to the target HTTP endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - server + type: object + type: array + fileSDConfigs: + description: FileSDConfigs defines a list of file service discovery + configurations. + items: + description: FileSDConfig defines a Prometheus file service discovery + configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config + properties: + files: + description: 'List of files to be used for file discovery. Recommendation: + use absolute paths. While relative paths work, the prometheus-operator + project makes no guarantees about the working directory where + the configuration file is stored. Files must be mounted using + Prometheus.ConfigMaps or Prometheus.Secrets.' + items: + description: SDFile represents a file used for service discovery + pattern: ^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$ + type: string + minItems: 1 + type: array + refreshInterval: + description: RefreshInterval configures the refresh interval + at which Prometheus will reload the content of the files. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + required: + - files + type: object + type: array + gceSDConfigs: + description: GCESDConfigs defines a list of GCE service discovery + configurations. + items: + description: "GCESDConfig configures scrape targets from GCP GCE + instances. The private IP address is used by default, but may + be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config + \n The GCE service discovery will load the Google Cloud credentials + from the file specified by the GOOGLE_APPLICATION_CREDENTIALS + environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform + \n A pre-requisite for using GCESDConfig is that a Secret containing + valid Google Cloud credentials is mounted into the Prometheus + or PrometheusAgent pod via the `.spec.secrets` field and that + the GOOGLE_APPLICATION_CREDENTIALS environment variable is set + to /etc/prometheus/secrets//." + properties: + filter: + description: 'Filter can be used optionally to filter the instance + list by other criteria Syntax of this filter is described + in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list' + type: string + port: + description: The port to scrape metrics from. If using the public + IP address, this must instead be specified in the relabeling + rule. + type: integer + project: + description: The Google Cloud Project ID + minLength: 1 + type: string + refreshInterval: + description: RefreshInterval configures the refresh interval + at which Prometheus will re-read the instance list. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + tagSeparator: + description: The tag separator is used to separate the tags + on concatenation + type: string + zone: + description: The zone of the scrape targets. If you need multiple + zones use multiple GCESDConfigs. + minLength: 1 + type: string + required: + - project + - zone + type: object + type: array + hetznerSDConfigs: + description: HetznerSDConfigs defines a list of Hetzner service discovery + configurations. + items: + description: HetznerSDConfig allow retrieving scrape targets from + Hetzner Cloud API and Robot API. This service discovery uses the + public IPv4 address by default, but that can be changed with relabeling + See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config + properties: + authorization: + description: Authorization header configuration, required when + role is hcloud. Role robot does not support bearer token authentication. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request, + required when role is robot. Role hcloud does not support + basic auth. + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + noProxy: + description: "`noProxy` is a comma-separated string that can + contain IPs, CIDR notation, domain names that should be excluded + from proxying. IP and domain names can contain port numbers. + \n It requires Prometheus >= v2.43.0." + type: string + oauth2: + description: Optional OAuth 2.0 configuration. Cannot be used + at the same time as `basic_auth` or `authorization`. + properties: + clientId: + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes used for + the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch the + token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + port: + description: The port to scrape metrics from. + type: integer + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: "ProxyConnectHeader optionally specifies headers + to send to proxies during CONNECT requests. \n It requires + Prometheus >= v2.43.0." + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined + by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. \n It requires + Prometheus >= v2.43.0." + type: boolean + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. + \n It requires Prometheus >= v2.43.0." + pattern: ^http(s)?://.+$ + type: string + refreshInterval: + description: The time after which the servers are refreshed. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + role: + description: The Hetzner role of entities that should be discovered. + enum: + - hcloud + - Hcloud + - robot + - Robot + type: string + tlsConfig: + description: TLS configuration to use on every scrape request. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - role + type: object + type: array + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether Prometheus respects + the timestamps present in scraped data. + type: boolean + httpSDConfigs: + description: HTTPSDConfigs defines a list of HTTP service discovery + configurations. + items: + description: HTTPSDConfig defines a prometheus HTTP service discovery + configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config + properties: + authorization: + description: Authorization header configuration to authenticate + against the target HTTP endpoint. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: 'BasicAuth information to authenticate against + the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + noProxy: + description: "`noProxy` is a comma-separated string that can + contain IPs, CIDR notation, domain names that should be excluded + from proxying. IP and domain names can contain port numbers. + \n It requires Prometheus >= v2.43.0." + type: string + proxyConnectHeader: + additionalProperties: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + description: "ProxyConnectHeader optionally specifies headers + to send to proxies during CONNECT requests. \n It requires + Prometheus >= v2.43.0." + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined + by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + If unset, Prometheus uses its default value. \n It requires + Prometheus >= v2.43.0." + type: boolean + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use. + \n It requires Prometheus >= v2.43.0." + pattern: ^http(s)?://.+$ + type: string + refreshInterval: + description: RefreshInterval configures the refresh interval + at which Prometheus will re-query the endpoint to update the + target list. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + tlsConfig: + description: TLS configuration applying to the target HTTP endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key type: object - x-kubernetes-map-type: atomic - type: object - type: array - enableCompression: - description: "When false, Prometheus will request uncompressed response - from the scraped target. \n It requires Prometheus >= v2.49.0. \n - If unset, Prometheus uses true by default." - type: boolean - fileSDConfigs: - description: FileSDConfigs defines a list of file service discovery - configurations. - items: - description: FileSDConfig defines a Prometheus file service discovery - configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config - properties: - files: - description: 'List of files to be used for file discovery. Recommendation: - use absolute paths. While relative paths work, the prometheus-operator - project makes no guarantees about the working directory where - the configuration file is stored. Files must be mounted using - Prometheus.ConfigMaps or Prometheus.Secrets.' - items: - description: SDFile represents a file used for service discovery - pattern: ^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$ - type: string - minItems: 1 - type: array - refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will reload the content of the files. - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ - type: string - required: - - files - type: object - type: array - gceSDConfigs: - description: GCESDConfigs defines a list of GCE service discovery - configurations. - items: - description: "GCESDConfig configures scrape targets from GCP GCE - instances. The private IP address is used by default, but may - be changed to the public IP address with relabeling. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config - \n The GCE service discovery will load the Google Cloud credentials - from the file specified by the GOOGLE_APPLICATION_CREDENTIALS - environment variable. See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform - \n A pre-requisite for using GCESDConfig is that a Secret containing - valid Google Cloud credentials is mounted into the Prometheus - or PrometheusAgent pod via the `.spec.secrets` field and that - the GOOGLE_APPLICATION_CREDENTIALS environment variable is set - to /etc/prometheus/secrets//." - properties: - filter: - description: 'Filter can be used optionally to filter the instance - list by other criteria Syntax of this filter is described - in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list' - type: string - port: - description: The port to scrape metrics from. If using the public - IP address, this must instead be specified in the relabeling - rule. - type: integer - project: - description: The Google Cloud Project ID - minLength: 1 - type: string - refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ - type: string - tagSeparator: - description: The tag separator is used to separate the tags - on concatenation - type: string - zone: - description: The zone of the scrape targets. If you need multiple - zones use multiple GCESDConfigs. + url: + description: URL from which the targets are fetched. minLength: 1 + pattern: ^http(s)?://.+$ type: string required: - - project - - zone + - url type: object type: array - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether Prometheus respects - the timestamps present in scraped data. - type: boolean - httpSDConfigs: - description: HTTPSDConfigs defines a list of HTTP service discovery - configurations. + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + kubernetesSDConfigs: + description: KubernetesSDConfigs defines a list of Kubernetes service + discovery configurations. items: - description: HTTPSDConfig defines a prometheus HTTP service discovery - configuration See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config + description: KubernetesSDConfig allows retrieving scrape targets + from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config properties: + apiServer: + description: The API server address consisting of a hostname + or IP address followed by an optional port number. If left + empty, Prometheus is assumed to run inside of the cluster. + It will discover API servers automatically and use the pod's + CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + type: string + attachMetadata: + description: Optional metadata to attach to discovered targets. + It requires Prometheus >= v2.35.0 for `pod` role and Prometheus + >= v2.37.0 for `endpoints` and `endpointslice` roles. + properties: + node: + description: Attaches node metadata to discovered targets. + When set to true, Prometheus must have the `get` permission + on the `Nodes` objects. Only valid for Pod, Endpoint and + Endpointslice roles. + type: boolean + type: object authorization: - description: Authorization header configuration to authenticate - against the target HTTP endpoint. + description: Authorization header to use on every scrape request. + Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: description: Selects a key of a Secret in the namespace @@ -1161,20 +2540,139 @@ spec: required: - key type: object - x-kubernetes-map-type: atomic - type: - description: "Defines the authentication type. The value - is case-insensitive. \n \"Basic\" is not a supported value. - \n Default: \"Bearer\"" - type: string - type: object - basicAuth: - description: 'BasicAuth information to authenticate against - the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints' - properties: - password: - description: '`password` specifies a key of a Secret containing - the password for authentication.' + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + Cannot be set at the same time as `authorization`, or `oauth2`. + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + namespaces: + description: Optional namespace discovery. If omitted, Prometheus + discovers targets across all namespaces. + properties: + names: + description: List of namespaces where to watch for resources. + If empty and `ownNamespace` isn't true, Prometheus watches + for resources in all namespaces. + items: + type: string + type: array + ownNamespace: + description: Includes the namespace in which the Prometheus + pod exists to the list of watched namesapces. + type: boolean + type: object + noProxy: + description: "`noProxy` is a comma-separated string that can + contain IPs, CIDR notation, domain names that should be excluded + from proxying. IP and domain names can contain port numbers. + \n It requires Prometheus >= v2.43.0." + type: string + oauth2: + description: Optional OAuth 2.0 configuration. Cannot be set + at the same time as `authorization`, or `basicAuth`. + properties: + clientId: + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' properties: key: description: The key of the secret to select from. Must @@ -1192,33 +2690,28 @@ spec: - key type: object x-kubernetes-map-type: atomic - username: - description: '`username` specifies a key of a Secret containing - the username for authentication.' - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' type: object - x-kubernetes-map-type: atomic + scopes: + description: '`scopes` defines the OAuth2 scopes used for + the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch the + token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl type: object - noProxy: - description: "`noProxy` is a comma-separated string that can - contain IPs, CIDR notation, domain names that should be excluded - from proxying. IP and domain names can contain port numbers. - \n It requires Prometheus >= v2.43.0." - type: string proxyConnectHeader: additionalProperties: description: SecretKeySelector selects a key of a Secret. @@ -1255,14 +2748,57 @@ spec: \n It requires Prometheus >= v2.43.0." pattern: ^http(s)?://.+$ type: string - refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-query the endpoint to update the - target list. - pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + role: + description: Role of the Kubernetes entities that should be + discovered. + enum: + - Node + - node + - Service + - service + - Pod + - pod + - Endpoints + - endpoints + - EndpointSlice + - endpointslice + - Ingress + - ingress type: string + selectors: + description: Selector to select objects. + items: + description: K8SSelectorConfig is Kubernetes Selector Config + properties: + field: + type: string + label: + type: string + role: + description: Role is role of the service in Kubernetes. + enum: + - Node + - node + - Service + - service + - Pod + - pod + - Endpoints + - endpoints + - EndpointSlice + - endpointslice + - Ingress + - ingress + type: string + required: + - role + type: object + type: array + x-kubernetes-list-map-keys: + - role + x-kubernetes-list-type: map tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: TLS configuration to use on every scrape request. properties: ca: description: Certificate authority used when verifying server @@ -1380,50 +2916,19 @@ spec: description: Used to verify the hostname for the targets. type: string type: object - url: - description: URL from which the targets are fetched. - minLength: 1 - pattern: ^http(s)?://.+$ - type: string required: - - url + - role type: object type: array - keepDroppedTargets: - description: "Per-scrape limit on the number of targets dropped by - relabeling that will be kept in memory. 0 means no limit. \n It - requires Prometheus >= v2.47.0." - format: int64 - type: integer - kubernetesSDConfigs: - description: KubernetesSDConfigs defines a list of Kubernetes service - discovery configurations. + kumaSDConfigs: + description: KumaSDConfigs defines a list of Kuma service discovery + configurations. items: - description: KubernetesSDConfig allows retrieving scrape targets - from Kubernetes' REST API. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config + description: KumaSDConfig allow retrieving scrape targets from Kuma's + control plane. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config properties: - apiServer: - description: The API server address consisting of a hostname - or IP address followed by an optional port number. If left - empty, Prometheus is assumed to run inside of the cluster. - It will discover API servers automatically and use the pod's - CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - type: string - attachMetadata: - description: Optional metadata to attach to discovered targets. - It requires Prometheus >= v2.35.0 for `pod` role and Prometheus - >= v2.37.0 for `endpoints` and `endpointslice` roles. - properties: - node: - description: Attaches node metadata to discovered targets. - When set to true, Prometheus must have the `get` permission - on the `Nodes` objects. Only valid for Pod, Endpoint and - Endpointslice roles. - type: boolean - type: object authorization: description: Authorization header to use on every scrape request. - Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: description: Selects a key of a Secret in the namespace @@ -1453,7 +2958,6 @@ spec: type: object basicAuth: description: BasicAuth information to use on every scrape request. - Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: '`password` specifies a key of a Secret containing @@ -1496,29 +3000,22 @@ spec: type: object x-kubernetes-map-type: atomic type: object + clientID: + description: Client id is used by Kuma Control Plane to compute + Monitoring Assignment for specific Prometheus backend. + type: string enableHTTP2: description: Whether to enable HTTP2. type: boolean + fetchTimeout: + description: The time after which the monitoring assignments + are refreshed. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string followRedirects: description: Configure whether HTTP requests follow HTTP 3xx redirects. type: boolean - namespaces: - description: Optional namespace discovery. If omitted, Prometheus - discovers targets across all namespaces. - properties: - names: - description: List of namespaces where to watch for resources. - If empty and `ownNamespace` isn't true, Prometheus watches - for resources in all namespaces. - items: - type: string - type: array - ownNamespace: - description: Includes the namespace in which the Prometheus - pod exists to the list of watched namesapces. - type: boolean - type: object noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded @@ -1652,57 +3149,16 @@ spec: \n It requires Prometheus >= v2.43.0." pattern: ^http(s)?://.+$ type: string - role: - description: Role of the Kubernetes entities that should be - discovered. - enum: - - Node - - node - - Service - - service - - Pod - - pod - - Endpoints - - endpoints - - EndpointSlice - - endpointslice - - Ingress - - ingress + refreshInterval: + description: The time to wait between polling update requests. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + server: + description: Address of the Kuma Control Plane's MADS xDS server. + minLength: 1 type: string - selectors: - description: Selector to select objects. - items: - description: K8SSelectorConfig is Kubernetes Selector Config - properties: - field: - type: string - label: - type: string - role: - description: Role is role of the service in Kubernetes. - enum: - - Node - - node - - Service - - service - - Pod - - pod - - Endpoints - - endpoints - - EndpointSlice - - endpointslice - - Ingress - - ingress - type: string - required: - - role - type: object - type: array - x-kubernetes-list-map-keys: - - role - x-kubernetes-list-type: map tlsConfig: - description: TLS configuration to use on every scrape request. + description: TLS configuration to use on every scrape request properties: ca: description: Certificate authority used when verifying server @@ -1821,7 +3277,7 @@ spec: type: string type: object required: - - role + - server type: object type: array labelLimit: diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml index 44633a9..be3fd11 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: servicemonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -53,6 +53,12 @@ spec: permission on the `Nodes` objects. type: boolean type: object + bodySizeLimit: + description: "When defined, bodySizeLimit specifies a job level limit + on the size of uncompressed response body that will be accepted + by Prometheus. \n It requires Prometheus >= v2.28.0." + pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string endpoints: description: List of endpoints part of this ServiceMonitor. items: diff --git a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml index 9b49d60..1bbc261 100644 --- a/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml +++ b/charts/k8s-monitoring/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml @@ -1,4 +1,4 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.73.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,7 +8,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.72.0 + operator.prometheus.io/version: 0.73.0 name: thanosrulers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -5434,9 +5434,9 @@ spec: type: object type: array tracingConfig: - description: TracingConfig configures tracing in Thanos. This is an - experimental feature, it may change in any upcoming release in a - breaking way. + description: "TracingConfig configures tracing in Thanos. \n `tracingConfigFile` + takes precedence over this field. \n This is an *experimental feature*, + it may change in any upcoming release in a breaking way." properties: key: description: The key of the secret to select from. Must be a @@ -5454,9 +5454,10 @@ spec: type: object x-kubernetes-map-type: atomic tracingConfigFile: - description: TracingConfig specifies the path of the tracing configuration - file. When used alongside with TracingConfig, TracingConfigFile - takes precedence. + description: "TracingConfig specifies the path of the tracing configuration + file. \n This field takes precedence over `tracingConfig`. \n This + is an *experimental feature*, it may change in any upcoming release + in a breaking way." type: string version: description: Version of Thanos to be deployed. @@ -7157,6 +7158,206 @@ spec: - name type: object type: array + web: + description: Defines the configuration of the ThanosRuler web server. + properties: + httpConfig: + description: Defines HTTP parameters for web server. + properties: + headers: + description: List of headers that can be added to HTTP responses. + properties: + contentSecurityPolicy: + description: Set the Content-Security-Policy header to + HTTP responses. Unset if blank. + type: string + strictTransportSecurity: + description: Set the Strict-Transport-Security header + to HTTP responses. Unset if blank. Please make sure + that you use this with care as this header might force + browsers to load Prometheus and the other applications + hosted on the same domain and subdomains over HTTPS. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + type: string + xContentTypeOptions: + description: Set the X-Content-Type-Options header to + HTTP responses. Unset if blank. Accepted value is nosniff. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + enum: + - "" + - NoSniff + type: string + xFrameOptions: + description: Set the X-Frame-Options header to HTTP responses. + Unset if blank. Accepted values are deny and sameorigin. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options + enum: + - "" + - Deny + - SameOrigin + type: string + xXSSProtection: + description: Set the X-XSS-Protection header to all responses. + Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection + type: string + type: object + http2: + description: Enable HTTP/2 support. Note that HTTP/2 is only + supported with TLS. When TLSConfig is not configured, HTTP/2 + will be disabled. Whenever the value of the field changes, + a rolling update will be triggered. + type: boolean + type: object + tlsConfig: + description: Defines the TLS parameters for HTTPS. + properties: + cert: + description: Contains the TLS certificate for the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cipherSuites: + description: 'List of supported cipher suites for TLS versions + up to TLS 1.2. If empty, Go default cipher suites are used. + Available cipher suites are documented in the go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants' + items: + type: string + type: array + client_ca: + description: Contains the CA certificate for client certificate + authentication to the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientAuthType: + description: 'Server policy for client authentication. Maps + to ClientAuth Policies. For more detail on clientAuth options: + https://golang.org/pkg/crypto/tls/#ClientAuthType' + type: string + curvePreferences: + description: 'Elliptic curves that will be used in an ECDHE + handshake, in preference order. Available curves are documented + in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' + items: + type: string + type: array + keySecret: + description: Secret containing the TLS key for the server. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + maxVersion: + description: Maximum TLS version that is acceptable. Defaults + to TLS13. + type: string + minVersion: + description: Minimum TLS version that is acceptable. Defaults + to TLS12. + type: string + preferServerCipherSuites: + description: Controls whether the server selects the client's + most preferred cipher suite, or the server's most preferred + cipher suite. If true then the server's preference, as expressed + in the order of elements in cipherSuites, is used. + type: boolean + required: + - cert + - keySecret + type: object + type: object type: object status: description: 'Most recent observed status of the ThanosRuler cluster. diff --git a/charts/k8s-monitoring/docs/HelmTests.md b/charts/k8s-monitoring/docs/HelmTests.md new file mode 100644 index 0000000..f2130a3 --- /dev/null +++ b/charts/k8s-monitoring/docs/HelmTests.md @@ -0,0 +1,130 @@ +# Helm tests + +This Helm chart contains a number of tests to ensure that things are working correctly. This document explains them and +describes how you can interact and modify them. + +## Pre-install, pre-upgrade validation + +Before every install or upgrade, the chart deploys a Pod with the Grafana Agent and a ConfigMap with the generated +configurations. The Pod inspects the configuration files, and validates their syntax and some internal structure. If the +configuration is found to be invalid, the install or upgrade is stopped. + +Change the settings for this validation in the `configValidator` section of the values file. + +## Data test + +This test is useful for validating that the complete end-to-end journey for the data is successful. When `helm test` is +run, a Job is created that can send queries to the various data sources to ensure that expected data has been delivered. +Some queries are built-in, and you can add others in the `test.extraQueries` section. + +Note that in order for this to work, the credentials for each data source needs the ability to query data. For example, +if sending data to Grafana Cloud, some +[Access Policy Tokens](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/access-policies/) +do not contain the `:read` scope for reading data from the data source. You must either grant that + +### Default queries + +These queries are added by default and are used if their respective metric source is enabled: + +| Metric Source | Query | Condition | +|---------------------------|-----------------------------------------------------------------------------|--------------------------------------------------------------------------| +| | `up` | `metrics.enabled: true` | +| Grafana Agent | `agent_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.agent.enabled: true` | +| Kubelet | `kubernetes_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.kubelet.enabled: true` | +| cAdvisor | `machine_memory_bytes{cluster=""}` | `metrics.enabled: true`
`metrics.cadvisor.enabled: true` | +| kube-state-metrics | `kube_node_info{cluster=""}` | `metrics.enabled: true`
`metrics.kube-state-metrics.enabled: true` | +| Node Exporter | `node_exporter_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.node-exporter.enabled: true` | +| Windows Exporter | `windows_exporter_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.windows-exporter.enabled: true` | +| API Server | `apiserver_request_total{cluster=""}` | `metrics.enabled: true`
`metrics.apiserver.enabled: true` | +| Kube Controller Manager | `workqueue_adds_total{cluster=""}` | `metrics.enabled: true`
`metrics.kubeControllerManager.enabled: true` | +| Kube Proxy | `kubeproxy_sync_proxy_rules_service_changes_total{cluster=""}` | `metrics.enabled: true`
`metrics.kubeProxy.enabled: true` | +| Kube Scheduler | `scheduler_unschedulable_pods{cluster=""}` | `metrics.enabled: true`
`metrics.kubeScheduler.enabled: true` | +| OpenCost | `opencost_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.cost.enabled: true` | +| Helm Chart self-reporting | `grafana_kubernetes_monitoring_build_info{cluster=""}` | `metrics.enabled: true`
`metrics.kubernetesMonitoring.enabled: true` | + +#### Extra Queries + +You can add additonal queries using the `test.extraQueries` section. An extra query can have this format: + +```yaml +query: "", +type: "[promql (default)|logql|traceql]|[pyroql]", +``` + +For PromQL queries, you can add an "expect" section to the query to validate the returned value: + +```yaml + expect: + operator": "[<, <=, ==, !=, =>, >]" + value": +} +``` + +#### Examples + +Here is an example that validates that the number of nodes detected matches the expected number of nodes in the Cluster. + +```yaml +- query: count(kube_node_info{cluster="my-cluster"}) + type: promql + expect: + value: 2 +``` + +This query will ensure that the DPM is exactly 1, meaning only one data point per minute. This is useful for ensuring +that metric sources are not being duplicated or double-scraped: + +```yaml +- query: avg(count_over_time(scrape_samples_scraped{cluster="my-cluster"}[1m])) + type: promql + expect: + value: 1 + operator: == +``` + +## Configuration analysis + +Also when `helm test` is run, a Pod is created that builds a report of how the configuration is performing on the +Cluster. For example, for all of the `discovery.relabel` components, how many objects were input and how many remain +after the rules were applied? For `prometheus.scrape` components, was the scrape successful? This report can be helpful +for diagnosing missing or duplicate metrics, because it will show if a relabel filter is removing the desired object, or +if the metrics scrape failed. + +Here is the report of the `discovery.relabel` component that filters from all Services to just the one for +kube-state-metrics: + +```text +discovery.relabel.kube_state_metrics + Inputs: discovery.kubernetes.services (61) + Outputs: prometheus.scrape.kube_state_metrics (1) +``` + +Here is the report for the `prometheus.scrape` component that scrapes metrics from the discovered `kube-state-metrics` +service: + +```text +prometheus.scrape.kube_state_metrics + Inputs: 1 + - k8s-monitoring-5sdguz5u4l-kube-state-metrics.monitoring.svc:8080 + Scrapes: 1 + - URL: http://k8s-monitoring-5sdguz5u4l-kube-state-metrics.monitoring.svc:8080/metrics + Health: up + Last scrape: 2024-04-05T13:50:37.761494213Z (19.154181ms) +``` + +It also works with Prometheus Operator objects, where discovery and scraping are combined into a single component: + +```text +prometheus.operator.servicemonitors.service_monitors + Discovered: 1 + - ServiceMonitor: loki/loki + Scrapes: 1 + - URL: http://10.244.1.14:3100/metrics + Health: up + Last scrape: 2024-04-05T13:50:47.107628637Z (13.38663ms) +``` + +## Deprecation checks + +Internally, the Helm chart checks for deprecated values and provides a suggestion for resolution. The list of +deprecations can be found in the [main README](../README.md). diff --git a/charts/k8s-monitoring/docs/Troubleshooting.md b/charts/k8s-monitoring/docs/Troubleshooting.md index fbc82e6..ab2824f 100644 --- a/charts/k8s-monitoring/docs/Troubleshooting.md +++ b/charts/k8s-monitoring/docs/Troubleshooting.md @@ -1,6 +1,13 @@ # Troubleshooting -## Instructions for specific Cluster platform providers. +This document contains some information about frequently encountered issues and how to resolve them. + +* [Instructions for specific Cluster platform providers](#instructions-for-specific-cluster-platform-providers) +* [CustomResourceDefinition conflicts](#customresourcedefinition-conflicts) +* [Pod log files in /var/lib/docker/containers](#pod-log-files-in-varlibdockercontainers) +* [Authentication error: invalid scope requested](#authentication-error-invalid-scope-requested) + +## Instructions for specific Cluster platform providers Certain Kubernetes Cluster platforms require some specific configurations for this Helm chart. If your Cluster is running on one of these platforms, see the example for the changes required to run this Helm chart: @@ -52,3 +59,29 @@ grafana-agent-logs: ``` ([source](https://github.com/grafana/k8s-monitoring-helm/issues/309)) + +## Authentication error: invalid scope requested + +To deliver telemetry data to Grafana Cloud, you use +an [Access Policy Token](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/access-policies/) +with the appropriate scopes. Scopes define an action that can be done to a specific data type. For +example `metrics:write` permits writing metrics. + +If sending data to Grafana Cloud, this Helm chart uses the `:write` scopes for delivering data. It can optionally +use the `:read` scopes when running the [Data Test Job](./HelmTests.md#data-test). + +If your token does not have the correct scope, you will see errors in the Grafanaa Agent logs. For example, when trying +to deliver profiles to Pyroscrope without the `profiles:write` scope: + +```text +msg="final error sending to profiles to endpoint" component=pyroscope.write.profiles_service endpoint=https://tempo-prod-1-prod-eu-west-2.grafana.net:443 err="unauthenticated: authentication error: invalid scope requested" +``` + +The table below shows the scopes required for various actions done by this chart: + +| Data type | Server | Scope for writing | Scope for reading | +|-----------------------|---------------------------------------------|-------------------|-------------------| +| Metrics | Grafana Cloud Metrics (Prometheus or Mimir) | `metrics:write` | `metrics:read` | +| Logs & Cluster Events | Grafana Cloud Logs (Loki) | `logs:write` | `logs:read` | +| Traces | Grafana Cloud Trace (Tempo) | `traces:write` | `traces:read` | +| Profiles | Grafana Cloud Profiles (Pyroscope) | `profiles:write` | `profiles:read` | diff --git a/charts/k8s-monitoring/templates/agent_config/_profiles_ebpf.river.txt b/charts/k8s-monitoring/templates/agent_config/_profiles_ebpf.river.txt index 708b1fc..f511d2f 100644 --- a/charts/k8s-monitoring/templates/agent_config/_profiles_ebpf.river.txt +++ b/charts/k8s-monitoring/templates/agent_config/_profiles_ebpf.river.txt @@ -57,8 +57,10 @@ discovery.relabel "ebpf_pods" { pyroscope.ebpf "ebpf_pods" { targets = discovery.relabel.ebpf_pods.output - forward_to = [pyroscope.write.profiles_service.receiver] + demangle = {{ .Values.profiles.ebpf.demangle | quote }} + + forward_to = [pyroscope.write.profiles_service.receiver] } {{- end }} {{- end }} diff --git a/charts/k8s-monitoring/templates/agent_config/_profiles_pprof.river.txt b/charts/k8s-monitoring/templates/agent_config/_profiles_pprof.river.txt index 982123e..9711797 100644 --- a/charts/k8s-monitoring/templates/agent_config/_profiles_pprof.river.txt +++ b/charts/k8s-monitoring/templates/agent_config/_profiles_pprof.river.txt @@ -50,6 +50,7 @@ discovery.relabel "pprof_pods" { {{- end }} } +{{- $allProfileTypes := list "memory" "cpu" "goroutine" "block" "mutex" "fgprof" }} {{- $profileTypes := .Values.profiles.pprof.types }} {{ range $profileTypes }} discovery.relabel "pprof_pods_{{.}}_default_name" { @@ -140,17 +141,13 @@ discovery.relabel "pprof_pods_{{.}}_custom_name" { pyroscope.scrape "pyroscope_scrape_{{.}}" { targets = concat(discovery.relabel.pprof_pods_{{.}}_default_name.output, discovery.relabel.pprof_pods_{{.}}_custom_name.output) - clustering { - enabled = true - } profiling_config { {{- $currentType := . -}} - {{- range $profileTypes }} + {{- range $allProfileTypes }} profile.{{if eq . "cpu"}}process_cpu{{else}}{{.}}{{end}} { enabled = {{if eq . $currentType}}true{{else}}false{{end}} } - {{- if ne . (last $profileTypes) }}{{ printf "\n" }}{{ end }} {{- end }} } diff --git a/charts/k8s-monitoring/values.yaml b/charts/k8s-monitoring/values.yaml index f1f0e07..be18b80 100644 --- a/charts/k8s-monitoring/values.yaml +++ b/charts/k8s-monitoring/values.yaml @@ -83,7 +83,7 @@ externalServices: checkInterval: 1s # -- Maximum amount of memory targeted to be allocated by the process heap. limit: 0MiB - + # Write-Ahead Log (WAL) settings. Only applies when protocol is "remote_write" wal: # -- How frequently to clean up the WAL. @@ -220,15 +220,49 @@ externalServices: # This option will be deprecated and removed soon. Please switch to `tls` and use yaml format. tlsOptions: "" + # Connection information for Grafana Pyroscope pyroscope: - hostKey: "" + # -- Pyroscope host where profiles will be sent + host: "" + # -- The key for the host property in the secret + hostKey: host + + # -- HTTP proxy to proxy requests to Pyroscope through. + proxyURL: "" + + # -- Custom labels to be added to all profiles + externalLabels: {} + + # -- Pyroscope tenant ID + tenantId: "" + # -- The key for the tenant ID property in the secret + tenantIdKey: tenantId + + # -- one of "none", "basic" + authMode: basic + + # Authenticate to Pyroscope using basic authentication basicAuth: - usernameKey: "" - passwordKey: "" - tenantIdKey: "" + # -- Pyroscope basic auth username + username: "" + # -- The key for the username property in the secret + usernameKey: username + # -- Pyroscope basic auth password + password: "" + # -- The key for the password property in the secret + passwordKey: password -profiles: - enabled: false + # Credential management + secret: + # -- Should this Helm chart create the secret. If false, you must define the name and namespace values. + create: true + # -- The name of the secret. + name: "" + # -- The namespace of the secret. + namespace: "" + + # -- [TLS settings](https://grafana.com/docs/agent/latest/flow/reference/components/pyroscope.write/#tls_config-block) to configure for the profiles service. + tls: {} # Settings related to capturing and forwarding metrics metrics: @@ -281,6 +315,7 @@ metrics: # -- Annotation for setting the metrics scheme, default: http. metricsScheme: "k8s.grafana.com/metrics.scheme" + # Metrics from Grafana Agent agent: # -- Scrape metrics from Grafana Agent @@ -485,11 +520,9 @@ metrics: - metric: "machine_memory_bytes" labels: ["boot_id", "system_uuid"] # -- Only keep filesystem metrics that use the following physical devices - keepPhysicalFilesystemDevices: - ["mmcblk.p.+", "nvme.+", "rbd.+", "sd.+", "vd.+", "xvd.+", "dasd.+"] + keepPhysicalFilesystemDevices: ["mmcblk.p.+", "nvme.+", "rbd.+", "sd.+", "vd.+", "xvd.+", "dasd.+"] # -- Only keep network metrics that use the following physical devices - keepPhysicalNetworkDevices: - ["en[ospx][0-9].*", "wlan[0-9].*", "eth[0-9].*"] + keepPhysicalNetworkDevices: ["en[ospx][0-9].*", "wlan[0-9].*", "eth[0-9].*"] # Metrics from the API Server apiserver: @@ -676,6 +709,7 @@ metrics: # -- Rule blocks to be added to the prometheus.relabel component for ServiceMonitor objects. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/prometheus.relabel/#rule-block)) extraMetricRelabelingRules: "" + kubernetesMonitoring: # -- Report telemetry about this Kubernetes Monitoring chart as a metric. enabled: true @@ -686,11 +720,11 @@ metrics: filters: metric: [] datapoint: [] + # -- Apply a transformation to metrics received via the OTLP or OTLP HTTP receivers. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/otelcol.processor.transform/)) transforms: - resource: - - key: "" - value: "" - action: "" + resource: [] + metric: [] + datapoint: [] # Settings related to capturing and forwarding logs logs: @@ -766,6 +800,10 @@ logs: # -- Apply a filter to logs received via the OTLP or OTLP HTTP receivers. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/otelcol.processor.filter/)) filters: log_record: [] + # -- Apply a transformation to logs received via the OTLP or OTLP HTTP receivers. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/otelcol.processor.transform/)) + transforms: + resource: [] + log: [] # -- Extra configuration that will be added to Grafana Agent Logs configuration file. # This value is templated so that you can refer to other values from this file. @@ -784,6 +822,53 @@ traces: filters: span: [] spanevent: [] + # -- Apply a transformation to traces received via the OTLP or OTLP HTTP receivers. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/otelcol.processor.transform/)) + transforms: + resource: [] + span: [] + spanevent: [] + +# Settings related to capturing and forwarding profiles +profiles: + # -- Receive and forward profiles. + enabled: false + + # Settings for gathering profiles using eBPF + ebpf: + # -- Gather profiles using eBPF + enabled: true + # -- Which namespaces to look for pods with profiles. + namespaces: [] + + # -- Rule blocks to be added to the discovery.relabel component for eBPF profile sources. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/discovery.relabel/#rule-block)) + extraRelabelingRules: "" + + # -- C++ demangle mode. Available options are: none, simplified, templates, full + demangle: none + + # TBD + # java: + # enabled: true + # namespaces: [] + # # -- Rule blocks to be added to the discovery.relabel component for Java profile sources. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/discovery.relabel/#rule-block)) + # extraRelabelingRules: "" + + + pprof: + # -- Gather profiles by scraping pprof HTTP endpoints + enabled: true + # -- Which namespaces to look for pods with profiles. + namespaces: [] + # -- Rule blocks to be added to the discovery.relabel component for eBPF profile sources. ([docs](https://grafana.com/docs/agent/latest/flow/reference/components/discovery.relabel/#rule-block)) + extraRelabelingRules: "" + # -- Profile types to gather + types: + - memory + - cpu + - goroutine + - block + - mutex + - fgprof # Telemetry data receiver settings receivers: @@ -923,6 +1008,7 @@ test: PROMETHEUS_URL: "" LOKI_URL: "" TEMPO_URL: "" + PROFILECLI_URL: "" image: # -- Test job image registry. @@ -963,6 +1049,7 @@ configAnalysis: # -- Optional set of image pull secrets. pullSecrets: [] + ## Global properties for image pulling override the values defined under `image.registry` and `configReloader.image.registry`. ## If you want to override only one image registry, use the specific fields but if you want to override them all, use `global.image.registry` global: @@ -1060,7 +1147,7 @@ opencost: # @ignored -- This skips including these values in README.md exporter: # -- Default cluster ID to use if cluster is not set in Prometheus metrics. It should match cluster.name. - defaultClusterId: "default-cluster" + defaultClusterId: "" extraEnv: # -- Trial API Key used only with GCP. # See https://www.opencost.io/docs/configuration/gcp-opencost for how to set for your environment @@ -1073,11 +1160,11 @@ opencost: prometheus: # -- The name of the secret containing the username and password for the metrics service. This must be in the same namespace as the OpenCost deployment. - secret_name: "" + secret_name: prometheus-k8s-monitoring # -- The key for the username property in the secret. - username_key: "" + username_key: username # -- The key for the password property in the secret. - password_key: "" + password_key: password external: # @ignored -- This skips including these values in README.md enabled: true @@ -1093,17 +1180,17 @@ opencost: nodeSelector: kubernetes.io/os: linux -# Settings for the Grafana Agent deployment + +# Settings for the Grafana Agent deployment that gathers metrics, and opens receivers for application data. # You can use this sections to make modifications to the Grafana Agent deployment. # See https://github.com/grafana/agent/tree/main/operations/helm/charts/grafana-agent for available values. # @ignored -- This skips including these values in README.md grafana-agent: agent: - clustering: { enabled: true } + clustering: {enabled: true} - # This chart is creating the configuration, so the grafana-agent chart does - # not need to. - configMap: { create: false } + # This chart is creating the configuration, so the grafana-agent chart does not need to. + configMap: {create: false} extraPorts: - name: "otlp-grpc" @@ -1150,6 +1237,7 @@ grafana-agent: type: statefulset nodeSelector: kubernetes.io/os: linux + Category: mimir # This chart creates the credentials for Prometheus and Loki. This section # connects those credentials into the Grafana Agent pod. @@ -1160,39 +1248,37 @@ grafana-agent: name: kubernetes-monitoring-telemetry # Skip installation of the Grafana Agent CRDs, since we don't use them in this chart - crds: { create: false } + crds: {create: false} -# Settings for the Grafana Agent deployment +# Settings for the Grafana Agent deployment that gathers Cluster events. # You can use this sections to make modifications to the Grafana Agent deployment. # See https://github.com/grafana/agent/tree/main/operations/helm/charts/grafana-agent for available values. # @ignored -- This skips including these values in README.md grafana-agent-events: agent: - # This chart is creating the configuration, so the grafana-agent chart does - # not need to. - configMap: { create: true } + # This chart is creating the configuration, so the grafana-agent chart does not need to. + configMap: {create: true} controller: type: deployment - replicas: 1 # Only one replica should be used, otherwise multiple copies of cluster events might get sent to Loki. + replicas: 1 # Only one replica should be used, otherwise multiple copies of cluster events might get sent to Loki. nodeSelector: kubernetes.io/os: linux # Skip installation of the Grafana Agent CRDs, since we don't use them in this chart - crds: { create: false } + crds: {create: false} -# Settings for the Grafana Agent deployment +# Settings for the Grafana Agent deployment that gathers pod logs. # You can use this sections to make modifications to the Grafana Agent deployment. # See https://github.com/grafana/agent/tree/main/operations/helm/charts/grafana-agent for available values. # @ignored -- This skips including these values in README.md grafana-agent-logs: agent: - # This chart is creating the configuration, so the grafana-agent chart does - # not need to. - configMap: { create: false } + # This chart is creating the configuration, so the grafana-agent chart does not need to. + configMap: {create: false} # Enable clustering by default to make it simpler when using API-based log gathering. - clustering: { enabled: true } + clustering: {enabled: true} mounts: # Mount /var/log from the host into the container for log collection. @@ -1211,7 +1297,38 @@ grafana-agent-logs: operator: Exists # Skip installation of the Grafana Agent CRDs, since we don't use them in this chart - crds: { create: false } + crds: {create: false} + + +# Settings for the Grafana Agent deployment that gathers profiles. +# You can use this sections to make modifications to the Grafana Agent deployment. +# See https://github.com/grafana/agent/tree/main/operations/helm/charts/grafana-agent for available values. +# @ignored -- This skips including these values in README.md +grafana-agent-profiles: + agent: + # This chart is creating the configuration, so the grafana-agent chart does not need to. + configMap: {create: false} + + # Disabling clustering because each instance will gather profiles for the workloads on the same node. + clustering: {enabled: false} + + securityContext: + privileged: true + runAsGroup: 0 + runAsUser: 0 + + controller: + type: daemonset + hostPID: true + nodeSelector: + kubernetes.io/os: linux + + tolerations: + - effect: NoSchedule + operator: Exists + + # Skip installation of the Grafana Agent CRDs, since we don't use them in this chart + crds: {create: false} # -- Deploy additional manifest objects extraObjects: []