diff --git a/charts/victoria-metrics-k8s-stack/.helmignore b/charts/victoria-metrics-k8s-stack/.helmignore new file mode 100644 index 0000000..adb2210 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/.helmignore @@ -0,0 +1,31 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ + +# Ignore img folder used for documentation +img/ +*.md +*.md.gotmpl +e2e/ +lint/ +tests/ diff --git a/charts/victoria-metrics-k8s-stack/Chart.lock b/charts/victoria-metrics-k8s-stack/Chart.lock new file mode 100644 index 0000000..e5d4cfe --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/Chart.lock @@ -0,0 +1,18 @@ +dependencies: +- name: victoria-metrics-common + repository: https://victoriametrics.github.io/helm-charts + version: 0.0.42 +- name: victoria-metrics-operator + repository: https://victoriametrics.github.io/helm-charts + version: 0.50.3 +- name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 6.0.0 +- name: prometheus-node-exporter + repository: https://prometheus-community.github.io/helm-charts + version: 4.47.0 +- name: grafana + repository: https://grafana.github.io/helm-charts + version: 9.2.9 +digest: sha256:040ee9453e77e669526e6615eb8c82802b1359a1b9c8b656b3c5aeefc8a3c45b +generated: "2025-06-27T21:38:38.290199+03:00" diff --git a/charts/victoria-metrics-k8s-stack/Chart.yaml b/charts/victoria-metrics-k8s-stack/Chart.yaml new file mode 100644 index 0000000..8f216a9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/Chart.yaml @@ -0,0 +1,58 @@ +annotations: + artifacthub.io/category: monitoring-logging + artifacthub.io/changes: | + - force storage nodes count be more than 2 * replicationFactor - 1. See [#2285](https://github.com/VictoriaMetrics/helm-charts/issues/2285). + - bump version of VM components to [v1.121.0](https://github.com/VictoriaMetrics/VictoriaMetrics/blob/master/docs/victoriametrics/changelog/CHANGELOG.md#v11210) + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Sources + url: https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-k8s-stack + - name: Charts repo + url: https://victoriametrics.github.io/helm-charts/ + - name: Docs + url: https://docs.victoriametrics.com + - name: Changelog + url: https://docs.victoriametrics.com/changelog + artifacthub.io/operator: "true" +apiVersion: v2 +appVersion: v1.121.0 +dependencies: +- name: victoria-metrics-common + repository: https://victoriametrics.github.io/helm-charts + version: 0.0.* +- condition: victoria-metrics-operator.enabled + name: victoria-metrics-operator + repository: https://victoriametrics.github.io/helm-charts + version: 0.50.* +- condition: kube-state-metrics.enabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 6.0.* +- condition: prometheus-node-exporter.enabled + name: prometheus-node-exporter + repository: https://prometheus-community.github.io/helm-charts + version: 4.47.* +- condition: grafana.enabled + name: grafana + repository: https://grafana.github.io/helm-charts + version: 9.2.* +description: Kubernetes monitoring on VictoriaMetrics stack. Includes VictoriaMetrics + Operator, Grafana dashboards, ServiceScrapes and VMRules +home: https://github.com/VictoriaMetrics/helm-charts +icon: https://avatars.githubusercontent.com/u/43720803?s=200&v=4 +keywords: +- victoriametrics +- operator +- monitoring +- kubernetes +- observability +- tsdb +- metrics +- metricsql +- timeseries +kubeVersion: '>=1.25.0-0' +name: victoria-metrics-k8s-stack +sources: +- https://github.com/VictoriaMetrics/helm-charts +type: application +version: 0.56.0 diff --git a/charts/victoria-metrics-k8s-stack/RELEASE_NOTES b/charts/victoria-metrics-k8s-stack/RELEASE_NOTES new file mode 100644 index 0000000..3f1afac --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/RELEASE_NOTES @@ -0,0 +1,8 @@ +# Release notes for version 0.56.0 + +**Release date:** 07 Jul 2025 + +![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational&logo=helm&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v1.121.0](https://img.shields.io/badge/v1.121.0-success?logo=VictoriaMetrics&labelColor=gray&link=https%3A%2F%2Fdocs.victoriametrics.com%2Fchangelog%23v11210) + +- force storage nodes count be more than 2 * replicationFactor - 1. See [#2285](https://github.com/VictoriaMetrics/helm-charts/issues/2285). +- bump version of VM components to [v1.121.0](https://github.com/VictoriaMetrics/VictoriaMetrics/blob/master/docs/victoriametrics/changelog/CHANGELOG.md#v11210) diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/.helmignore b/charts/victoria-metrics-k8s-stack/charts/grafana/.helmignore new file mode 100644 index 0000000..8cade13 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.vscode +.project +.idea/ +*.tmproj +OWNERS diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/Chart.yaml new file mode 100644 index 0000000..045732f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/Chart.yaml @@ -0,0 +1,35 @@ +annotations: + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/grafana/helm-charts + - name: Upstream Project + url: https://github.com/grafana/grafana +apiVersion: v2 +appVersion: 12.0.2 +description: The leading tool for querying and visualizing time series and metrics. +home: https://grafana.com +icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116 +keywords: +- monitoring +- metric +kubeVersion: ^1.8.0-0 +maintainers: +- email: zanhsieh@gmail.com + name: zanhsieh +- email: rluckie@cisco.com + name: rtluckie +- email: maor.friedman@redhat.com + name: maorfr +- email: miroslav.hadzhiev@gmail.com + name: Xtigyro +- email: mail@torstenwalter.de + name: torstenwalter +- email: github@jkroepke.de + name: jkroepke +name: grafana +sources: +- https://github.com/grafana/grafana +- https://github.com/grafana/helm-charts +type: application +version: 9.2.9 diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/README.md b/charts/victoria-metrics-k8s-stack/charts/grafana/README.md new file mode 100644 index 0000000..444b87a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/README.md @@ -0,0 +1,797 @@ +# Grafana Helm Chart + +* Installs the web dashboarding system [Grafana](http://grafana.org/) + +## Get Repo Info + +```console +helm repo add grafana https://grafana.github.io/helm-charts +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release grafana/grafana +``` + +## Uninstalling the Chart + +To uninstall/delete the my-release deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Upgrading an existing Release to a new major version + +A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an +incompatible breaking change needing manual actions. + +### To 4.0.0 (And 3.12.1) + +This version requires Helm >= 2.12.0. + +### To 5.0.0 + +You have to add --force to your helm upgrade command as the labels of the chart have changed. + +### To 6.0.0 + +This version requires Helm >= 3.1.0. + +### To 7.0.0 + +For consistency with other Helm charts, the `global.image.registry` parameter was renamed +to `global.imageRegistry`. If you were not previously setting `global.image.registry`, no action +is required on upgrade. If you were previously setting `global.image.registry`, you will +need to instead set `global.imageRegistry`. + +## Configuration + +| Parameter | Description | Default | +|-------------------------------------------|-----------------------------------------------|---------------------------------------------------------| +| `replicas` | Number of nodes | `1` | +| `podDisruptionBudget.minAvailable` | Pod disruption minimum available | `nil` | +| `podDisruptionBudget.maxUnavailable` | Pod disruption maximum unavailable | `nil` | +| `podDisruptionBudget.apiVersion` | Pod disruption apiVersion | `nil` | +| `deploymentStrategy` | Deployment strategy | `{ "type": "RollingUpdate" }` | +| `livenessProbe` | Liveness Probe settings | `{ "httpGet": { "path": "/api/health", "port": 3000 } "initialDelaySeconds": 60, "timeoutSeconds": 30, "failureThreshold": 10 }` | +| `readinessProbe` | Readiness Probe settings | `{ "httpGet": { "path": "/api/health", "port": 3000 } }`| +| `securityContext` | Deployment securityContext | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}` | +| `priorityClassName` | Name of Priority Class to assign pods | `nil` | +| `image.registry` | Image registry | `docker.io` | +| `image.repository` | Image repository | `grafana/grafana` | +| `image.tag` | Overrides the Grafana image tag whose default is the chart appVersion (`Must be >= 5.0.0`) | `` | +| `image.sha` | Image sha (optional) | `` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Image pull secrets (can be templated) | `[]` | +| `service.enabled` | Enable grafana service | `true` | +| `service.ipFamilies` | Kubernetes service IP families | `[]` | +| `service.ipFamilyPolicy` | Kubernetes service IP family policy | `""` | +| `service.sessionAffinity` | Kubernetes service session affinity config | `""` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | Kubernetes port where service is exposed | `80` | +| `service.portName` | Name of the port on the service | `service` | +| `service.appProtocol` | Adds the appProtocol field to the service | `` | +| `service.targetPort` | Internal service is port | `3000` | +| `service.nodePort` | Kubernetes service nodePort | `nil` | +| `service.annotations` | Service annotations (can be templated) | `{}` | +| `service.labels` | Custom labels | `{}` | +| `service.clusterIP` | internal cluster service IP | `nil` | +| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `nil` | +| `service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to lb (if supported) | `[]` | +| `service.externalIPs` | service external IP addresses | `[]` | +| `service.externalTrafficPolicy` | change the default externalTrafficPolicy | `nil` | +| `headlessService` | Create a headless service | `false` | +| `extraExposePorts` | Additional service ports for sidecar containers| `[]` | +| `hostAliases` | adds rules to the pod's /etc/hosts | `[]` | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.annotations` | Ingress annotations (values are templated) | `{}` | +| `ingress.labels` | Custom labels | `{}` | +| `ingress.path` | Ingress accepted path | `/` | +| `ingress.pathType` | Ingress type of path | `Prefix` | +| `ingress.hosts` | Ingress accepted hostnames | `["chart-example.local"]` | +| `ingress.extraPaths` | Ingress extra paths to prepend to every host configuration. Useful when configuring [custom actions with AWS ALB Ingress Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/ingress/annotations/#actions). Requires `ingress.hosts` to have one or more host entries. | `[]` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `ingress.ingressClassName` | Ingress Class Name. MAY be required for Kubernetes versions >= 1.18 | `""` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Toleration labels for pod assignment | `[]` | +| `affinity` | Affinity settings for pod assignment | `{}` | +| `extraInitContainers` | Init containers to add to the grafana pod | `{}` | +| `extraContainers` | Sidecar containers to add to the grafana pod | `""` | +| `extraContainerVolumes` | Volumes that can be mounted in sidecar containers | `[]` | +| `extraLabels` | Custom labels for all manifests | `{}` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | +| `persistence.enabled` | Use persistent volume to store data | `false` | +| `persistence.type` | Type of persistence (`pvc` or `statefulset`) | `pvc` | +| `persistence.size` | Size of persistent volume claim | `10Gi` | +| `persistence.existingClaim` | Use an existing PVC to persist data (can be templated) | `nil` | +| `persistence.storageClassName` | Type of persistent volume claim | `nil` | +| `persistence.accessModes` | Persistence access modes | `[ReadWriteOnce]` | +| `persistence.annotations` | PersistentVolumeClaim annotations | `{}` | +| `persistence.finalizers` | PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | +| `persistence.extraPvcLabels` | Extra labels to apply to a PVC. | `{}` | +| `persistence.subPath` | Mount a sub dir of the persistent volume (can be templated) | `nil` | +| `persistence.inMemory.enabled` | If persistence is not enabled, whether to mount the local storage in-memory to improve performance | `false` | +| `persistence.inMemory.sizeLimit` | SizeLimit for the in-memory local storage | `nil` | +| `persistence.disableWarning` | Hide NOTES warning, useful when persisting to a database | `false` | +| `initChownData.enabled` | If false, don't reset data ownership at startup | true | +| `initChownData.image.registry` | init-chown-data container image registry | `docker.io` | +| `initChownData.image.repository` | init-chown-data container image repository | `busybox` | +| `initChownData.image.tag` | init-chown-data container image tag | `1.31.1` | +| `initChownData.image.sha` | init-chown-data container image sha (optional)| `""` | +| `initChownData.image.pullPolicy` | init-chown-data container image pull policy | `IfNotPresent` | +| `initChownData.resources` | init-chown-data pod resource requests & limits | `{}` | +| `initChownData.securityContext` | init-chown-data pod securityContext | `{"readOnlyRootFilesystem": false, "runAsNonRoot": false}`, "runAsUser": 0, "seccompProfile": {"type": "RuntimeDefault"}, "capabilities": {"add": ["CHOWN"], "drop": ["ALL"]}}` | +| `schedulerName` | Alternate scheduler name | `nil` | +| `env` | Extra environment variables passed to pods | `{}` | +| `envValueFrom` | Environment variables from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` | +| `envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` | +| `envFromSecrets` | List of Kubernetes secrets (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` | +| `envFromConfigMaps` | List of Kubernetes ConfigMaps (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` | +| `envRenderSecret` | Sensible environment variables passed to pods and stored as secret. (passed through [tpl](https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function)) | `{}` | +| `enableServiceLinks` | Inject Kubernetes services as environment variables. | `true` | +| `extraSecretMounts` | Additional grafana server secret mounts | `[]` | +| `extraVolumeMounts` | Additional grafana server volume mounts | `[]` | +| `extraVolumes` | Additional Grafana server volumes | `[]` | +| `automountServiceAccountToken` | Mounted the service account token on the grafana pod. Mandatory, if sidecars are enabled | `true` | +| `createConfigmap` | Enable creating the grafana configmap | `true` | +| `extraConfigmapMounts` | Additional grafana server configMap volume mounts (values are templated) | `[]` | +| `extraEmptyDirMounts` | Additional grafana server emptyDir volume mounts | `[]` | +| `plugins` | Plugins to be loaded along with Grafana | `[]` | +| `datasources` | Configure grafana datasources (passed through tpl) | `{}` | +| `alerting` | Configure grafana alerting (passed through tpl) | `{}` | +| `notifiers` | Configure grafana notifiers | `{}` | +| `dashboardProviders` | Configure grafana dashboard providers | `{}` | +| `defaultCurlOptions` | Configure default curl short options for all dashboards, the beginning dash is required | `-skf` | +| `dashboards` | Dashboards to import | `{}` | +| `dashboardsConfigMaps` | ConfigMaps reference that contains dashboards | `{}` | +| `grafana.ini` | Grafana's primary configuration | `{}` | +| `global.imageRegistry` | Global image pull registry for all images. | `null` | +| `global.imagePullSecrets` | Global image pull secrets (can be templated). Allows either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). | `[]` | +| `ldap.enabled` | Enable LDAP authentication | `false` | +| `ldap.existingSecret` | The name of an existing secret containing the `ldap.toml` file, this must have the key `ldap-toml`. | `""` | +| `ldap.config` | Grafana's LDAP configuration | `""` | +| `annotations` | Deployment annotations | `{}` | +| `labels` | Deployment labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod labels | `{}` | +| `podPortName` | Name of the grafana port on the pod | `grafana` | +| `lifecycleHooks` | Lifecycle hooks for podStart and preStop [Example](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/#define-poststart-and-prestop-handlers) | `{}` | +| `sidecar.image.registry` | Sidecar image registry | `quay.io` | +| `sidecar.image.repository` | Sidecar image repository | `kiwigrid/k8s-sidecar` | +| `sidecar.image.tag` | Sidecar image tag | `1.30.0` | +| `sidecar.image.sha` | Sidecar image sha (optional) | `""` | +| `sidecar.imagePullPolicy` | Sidecar image pull policy | `IfNotPresent` | +| `sidecar.resources` | Sidecar resources | `{}` | +| `sidecar.securityContext` | Sidecar securityContext | `{}` | +| `sidecar.enableUniqueFilenames` | Sets the kiwigrid/k8s-sidecar UNIQUE_FILENAMES environment variable. If set to `true` the sidecar will create unique filenames where duplicate data keys exist between ConfigMaps and/or Secrets within the same or multiple Namespaces. | `false` | +| `sidecar.alerts.enabled` | Enables the cluster wide search for alerts and adds/updates/deletes them in grafana |`false` | +| `sidecar.alerts.label` | Label that config maps with alerts should have to be added (can be templated) | `grafana_alert` | +| `sidecar.alerts.labelValue` | Label value that config maps with alerts should have to be added (can be templated) | `""` | +| `sidecar.alerts.searchNamespace` | Namespaces list. If specified, the sidecar will search for alerts config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | +| `sidecar.alerts.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | +| `sidecar.alerts.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | +| `sidecar.alerts.reloadURL` | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/alerting/reload"` | +| `sidecar.alerts.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | +| `sidecar.alerts.initAlerts` | Set to true to deploy the alerts sidecar as an initContainer. This is needed if skipReload is true, to load any alerts defined at startup time. | `false` | +| `sidecar.alerts.extraMounts` | Additional alerts sidecar volume mounts. | `[]` | +| `sidecar.dashboards.enabled` | Enables the cluster wide search for dashboards and adds/updates/deletes them in grafana | `false` | +| `sidecar.dashboards.SCProvider` | Enables creation of sidecar provider | `true` | +| `sidecar.dashboards.provider.name` | Unique name of the grafana provider | `sidecarProvider` | +| `sidecar.dashboards.provider.orgid` | Id of the organisation, to which the dashboards should be added | `1` | +| `sidecar.dashboards.provider.folder` | Logical folder in which grafana groups dashboards | `""` | +| `sidecar.dashboards.provider.folderUid` | Allows you to specify the static UID for the logical folder above | `""` | +| `sidecar.dashboards.provider.disableDelete` | Activate to avoid the deletion of imported dashboards | `false` | +| `sidecar.dashboards.provider.allowUiUpdates` | Allow updating provisioned dashboards from the UI | `false` | +| `sidecar.dashboards.provider.type` | Provider type | `file` | +| `sidecar.dashboards.provider.foldersFromFilesStructure` | Allow Grafana to replicate dashboard structure from filesystem. | `false` | +| `sidecar.dashboards.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | +| `sidecar.skipTlsVerify` | Set to true to skip tls verification for kube api calls | `nil` | +| `sidecar.dashboards.label` | Label that config maps with dashboards should have to be added (can be templated) | `grafana_dashboard` | +| `sidecar.dashboards.labelValue` | Label value that config maps with dashboards should have to be added (can be templated) | `""` | +| `sidecar.dashboards.folder` | Folder in the pod that should hold the collected dashboards (unless `sidecar.dashboards.defaultFolderName` is set). This path will be mounted. | `/tmp/dashboards` | +| `sidecar.dashboards.folderAnnotation` | The annotation the sidecar will look for in configmaps to override the destination folder for files | `nil` | +| `sidecar.dashboards.defaultFolderName` | The default folder name, it will create a subfolder under the `sidecar.dashboards.folder` and put dashboards in there instead | `nil` | +| `sidecar.dashboards.searchNamespace` | Namespaces list. If specified, the sidecar will search for dashboards config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | +| `sidecar.dashboards.script` | Absolute path to shell script to execute after a configmap got reloaded. | `nil` | +| `sidecar.dashboards.reloadURL` | Full url of dashboards configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/dashboards/reload"` | +| `sidecar.dashboards.skipReload` | Enabling this omits defining the REQ_USERNAME, REQ_PASSWORD, REQ_URL and REQ_METHOD environment variables | `false` | +| `sidecar.dashboards.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | +| `sidecar.dashboards.extraMounts` | Additional dashboard sidecar volume mounts. | `[]` | +| `sidecar.datasources.enabled` | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false` | +| `sidecar.datasources.label` | Label that config maps with datasources should have to be added (can be templated) | `grafana_datasource` | +| `sidecar.datasources.labelValue` | Label value that config maps with datasources should have to be added (can be templated) | `""` | +| `sidecar.datasources.searchNamespace` | Namespaces list. If specified, the sidecar will search for datasources config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | +| `sidecar.datasources.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | +| `sidecar.datasources.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | +| `sidecar.datasources.reloadURL` | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/datasources/reload"` | +| `sidecar.datasources.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | +| `sidecar.datasources.initDatasources` | Set to true to deploy the datasource sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any datasources defined at startup time. | `false` | +| `sidecar.notifiers.enabled` | Enables the cluster wide search for notifiers and adds/updates/deletes them in grafana | `false` | +| `sidecar.notifiers.label` | Label that config maps with notifiers should have to be added (can be templated) | `grafana_notifier` | +| `sidecar.notifiers.labelValue` | Label value that config maps with notifiers should have to be added (can be templated) | `""` | +| `sidecar.notifiers.searchNamespace` | Namespaces list. If specified, the sidecar will search for notifiers config-maps (or secrets) inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | +| `sidecar.notifiers.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | +| `sidecar.notifiers.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | +| `sidecar.notifiers.reloadURL` | Full url of notifier configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/notifications/reload"` | +| `sidecar.notifiers.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | +| `sidecar.notifiers.initNotifiers` | Set to true to deploy the notifier sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any notifiers defined at startup time. | `false` | +| `smtp.existingSecret` | The name of an existing secret containing the SMTP credentials. | `""` | +| `smtp.userKey` | The key in the existing SMTP secret containing the username. | `"user"` | +| `smtp.passwordKey` | The key in the existing SMTP secret containing the password. | `"password"` | +| `admin.existingSecret` | The name of an existing secret containing the admin credentials (can be templated). | `""` | +| `admin.userKey` | The key in the existing admin secret containing the username. | `"admin-user"` | +| `admin.passwordKey` | The key in the existing admin secret containing the password. | `"admin-password"` | +| `serviceAccount.automountServiceAccountToken` | Automount the service account token on all pods where is service account is used | `false` | +| `serviceAccount.annotations` | ServiceAccount annotations | | +| `serviceAccount.create` | Create service account | `true` | +| `serviceAccount.labels` | ServiceAccount labels | `{}` | +| `serviceAccount.name` | Service account name to use, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `` | +| `serviceAccount.nameTest` | Service account name to use for test, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `nil` | +| `rbac.create` | Create and use RBAC resources | `true` | +| `rbac.namespaced` | Creates Role and Rolebinding instead of the default ClusterRole and ClusteRoleBindings for the grafana instance | `false` | +| `rbac.useExistingRole` | Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to the rolename set here. | `nil` | +| `rbac.pspEnabled` | Create PodSecurityPolicy (with `rbac.create`, grant roles permissions as well) | `false` | +| `rbac.pspUseAppArmor` | Enforce AppArmor in created PodSecurityPolicy (requires `rbac.pspEnabled`) | `false` | +| `rbac.extraRoleRules` | Additional rules to add to the Role | [] | +| `rbac.extraClusterRoleRules` | Additional rules to add to the ClusterRole | [] | +| `command` | Define command to be executed by grafana container at startup | `nil` | +| `args` | Define additional args if command is used | `nil` | +| `testFramework.enabled` | Whether to create test-related resources | `true` | +| `testFramework.image.registry` | `test-framework` image registry. | `docker.io` | +| `testFramework.image.repository` | `test-framework` image repository. | `bats/bats` | +| `testFramework.image.tag` | `test-framework` image tag. | `v1.4.1` | +| `testFramework.imagePullPolicy` | `test-framework` image pull policy. | `IfNotPresent` | +| `testFramework.securityContext` | `test-framework` securityContext | `{}` | +| `downloadDashboards.env` | Environment variables to be passed to the `download-dashboards` container | `{}` | +| `downloadDashboards.envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` | +| `downloadDashboards.resources` | Resources of `download-dashboards` container | `{}` | +| `downloadDashboardsImage.registry` | Curl docker image registry | `docker.io` | +| `downloadDashboardsImage.repository` | Curl docker image repository | `curlimages/curl` | +| `downloadDashboardsImage.tag` | Curl docker image tag | `8.9.1` | +| `downloadDashboardsImage.sha` | Curl docker image sha (optional) | `""` | +| `downloadDashboardsImage.pullPolicy` | Curl docker image pull policy | `IfNotPresent` | +| `namespaceOverride` | Override the deployment namespace | `""` (`Release.Namespace`) | +| `serviceMonitor.enabled` | Use servicemonitor from prometheus operator | `false` | +| `serviceMonitor.namespace` | Namespace this servicemonitor is installed in | | +| `serviceMonitor.interval` | How frequently Prometheus should scrape | `1m` | +| `serviceMonitor.path` | Path to scrape | `/metrics` | +| `serviceMonitor.scheme` | Scheme to use for metrics scraping | `http` | +| `serviceMonitor.tlsConfig` | TLS configuration block for the endpoint | `{}` | +| `serviceMonitor.labels` | Labels for the servicemonitor passed to Prometheus Operator | `{}` | +| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `30s` | +| `serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` | +| `serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion. | `[]` | +| `revisionHistoryLimit` | Number of old ReplicaSets to retain | `10` | +| `imageRenderer.enabled` | Enable the image-renderer deployment & service | `false` | +| `imageRenderer.image.registry` | image-renderer Image registry | `docker.io` | +| `imageRenderer.image.repository` | image-renderer Image repository | `grafana/grafana-image-renderer` | +| `imageRenderer.image.tag` | image-renderer Image tag | `latest` | +| `imageRenderer.image.sha` | image-renderer Image sha (optional) | `""` | +| `imageRenderer.image.pullSecrets` | image-renderer Image pull secrets (optional) | `[]` | +| `imageRenderer.image.pullPolicy` | image-renderer ImagePullPolicy | `Always` | +| `imageRenderer.env` | extra env-vars for image-renderer | `{}` | +| `imageRenderer.envValueFrom` | Environment variables for image-renderer from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` | +| `imageRenderer.extraConfigmapMounts` | Additional image-renderer configMap volume mounts (values are templated) | `[]` | +| `imageRenderer.extraSecretMounts` | Additional image-renderer secret volume mounts | `[]` | +| `imageRenderer.extraVolumeMounts` | Additional image-renderer volume mounts | `[]` | +| `imageRenderer.extraVolumes` | Additional image-renderer volumes | `[]` | +| `imageRenderer.serviceAccountName` | image-renderer deployment serviceAccountName | `""` | +| `imageRenderer.securityContext` | image-renderer deployment securityContext | `{}` | +| `imageRenderer.podAnnotations` | image-renderer image-renderer pod annotation | `{}` | +| `imageRenderer.hostAliases` | image-renderer deployment Host Aliases | `[]` | +| `imageRenderer.priorityClassName` | image-renderer deployment priority class | `''` | +| `imageRenderer.service.enabled` | Enable the image-renderer service | `true` | +| `imageRenderer.service.portName` | image-renderer service port name | `http` | +| `imageRenderer.service.port` | image-renderer port used by deployment | `8081` | +| `imageRenderer.service.targetPort` | image-renderer service port used by service | `8081` | +| `imageRenderer.appProtocol` | Adds the appProtocol field to the service | `` | +| `imageRenderer.grafanaSubPath` | Grafana sub path to use for image renderer callback url | `''` | +| `imageRenderer.serverURL` | Remote image renderer url | `''` | +| `imageRenderer.renderingCallbackURL` | Callback url for the Grafana image renderer | `''` | +| `imageRenderer.podPortName` | name of the image-renderer port on the pod | `http` | +| `imageRenderer.revisionHistoryLimit` | number of image-renderer replica sets to keep | `10` | +| `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true` | +| `imageRenderer.networkPolicy.limitEgress` | Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods | `false` | +| `imageRenderer.resources` | Set resource limits for image-renderer pods | `{}` | +| `imageRenderer.nodeSelector` | Node labels for pod assignment | `{}` | +| `imageRenderer.tolerations` | Toleration labels for pod assignment | `[]` | +| `imageRenderer.affinity` | Affinity settings for pod assignment | `{}` | +| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources. | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` | +| `networkPolicy.ingress` | Enable the creation of an ingress network policy | `true` | +| `networkPolicy.egress.enabled` | Enable the creation of an egress network policy | `false` | +| `networkPolicy.egress.ports` | An array of ports to allow for the egress | `[]` | +| `enableKubeBackwardCompatibility` | Enable backward compatibility of kubernetes where pod's defintion version below 1.13 doesn't have the enableServiceLinks option | `false` | + +### Example ingress with path + +With grafana 6.3 and above + +```yaml +grafana.ini: + server: + domain: monitoring.example.com + root_url: "%(protocol)s://%(domain)s/grafana" + serve_from_sub_path: true +ingress: + enabled: true + hosts: + - "monitoring.example.com" + path: "/grafana" +``` + +### Example of extraVolumeMounts and extraVolumes + +Configure additional volumes with `extraVolumes` and volume mounts with `extraVolumeMounts`. + +Example for `extraVolumeMounts` and corresponding `extraVolumes`: + +```yaml +extraVolumeMounts: + - name: plugins + mountPath: /var/lib/grafana/plugins + subPath: configs/grafana/plugins + readOnly: false + - name: dashboards + mountPath: /var/lib/grafana/dashboards + hostPath: /usr/shared/grafana/dashboards + readOnly: false + +extraVolumes: + - name: plugins + existingClaim: existing-grafana-claim + - name: dashboards + hostPath: /usr/shared/grafana/dashboards +``` + +Volumes default to `emptyDir`. Set to `persistentVolumeClaim`, +`hostPath`, `csi`, or `configMap` for other types. For a +`persistentVolumeClaim`, specify an existing claim name with +`existingClaim`. + +## Import dashboards + +There are a few methods to import dashboards to Grafana. Below are some examples and explanations as to how to use each method: + +```yaml +dashboards: + default: + some-dashboard: + json: | + { + "annotations": + + ... + # Complete json file here + ... + + "title": "Some Dashboard", + "uid": "abcd1234", + "version": 1 + } + custom-dashboard: + # This is a path to a file inside the dashboards directory inside the chart directory + file: dashboards/custom-dashboard.json + prometheus-stats: + # Ref: https://grafana.com/dashboards/2 + gnetId: 2 + revision: 2 + datasource: Prometheus + loki-dashboard-quick-search: + gnetId: 12019 + revision: 2 + datasource: + - name: DS_PROMETHEUS + value: Prometheus + - name: DS_LOKI + value: Loki + local-dashboard: + url: https://github.com/cloudnative-pg/grafana-dashboards/blob/main/charts/cluster/grafana-dashboard.json + # redirects to: + # https://raw.githubusercontent.com/cloudnative-pg/grafana-dashboards/refs/heads/main/charts/cluster/grafana-dashboard.json + + # default: -skf + # -s - silent mode + # -k - allow insecure (eg: non-TLS) connections + # -f - fail fast + # -L - follow HTTP redirects + curlOptions: -Lf +``` + +## BASE64 dashboards + +Dashboards could be stored on a server that does not return JSON directly and instead of it returns a Base64 encoded file (e.g. Gerrit) +A new parameter has been added to the url use case so if you specify a b64content value equals to true after the url entry a Base64 decoding is applied before save the file to disk. +If this entry is not set or is equals to false not decoding is applied to the file before saving it to disk. + +### Gerrit use case + +Gerrit API for download files has the following schema: where {project-name} and +{file-id} usually has '/' in their values and so they MUST be replaced by %2F so if project-name is user/repo, branch-id is master and file-id is equals to dir1/dir2/dashboard +the url value is + +## Sidecar for dashboards + +If the parameter `sidecar.dashboards.enabled` is set, a sidecar container is deployed in the grafana +pod. This container watches all configmaps (or secrets) in the cluster and filters out the ones with +a label as defined in `sidecar.dashboards.label`. The files defined in those configmaps are written +to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported +dashboards are deleted/updated. + +A recommendation is to use one configmap per dashboard, as a reduction of multiple dashboards inside +one configmap is currently not properly mirrored in grafana. + +Example dashboard config: + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: sample-grafana-dashboard + labels: + grafana_dashboard: "1" +data: + k8s-dashboard.json: |- + [...] +``` + +## Sidecar for datasources + +If the parameter `sidecar.datasources.enabled` is set, an init container is deployed in the grafana +pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and +filters out the ones with a label as defined in `sidecar.datasources.label`. The files defined in +those secrets are written to a folder and accessed by grafana on startup. Using these yaml files, +the data sources in grafana can be imported. + +Should you aim for reloading datasources in Grafana each time the config is changed, set `sidecar.datasources.skipReload: false` and adjust `sidecar.datasources.reloadURL` to `http://..svc.cluster.local/api/admin/provisioning/datasources/reload`. + +Secrets are recommended over configmaps for this usecase because datasources usually contain private +data like usernames and passwords. Secrets are the more appropriate cluster resource to manage those. + +Example values to add a postgres datasource as a kubernetes secret: + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: grafana-datasources + labels: + grafana_datasource: 'true' # default value for: sidecar.datasources.label +stringData: + pg-db.yaml: |- + apiVersion: 1 + datasources: + - name: My pg db datasource + type: postgres + url: my-postgresql-db:5432 + user: db-readonly-user + secureJsonData: + password: 'SUperSEcretPa$$word' + jsonData: + database: my_datase + sslmode: 'disable' # disable/require/verify-ca/verify-full + maxOpenConns: 0 # Grafana v5.4+ + maxIdleConns: 2 # Grafana v5.4+ + connMaxLifetime: 14400 # Grafana v5.4+ + postgresVersion: 1000 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10 + timescaledb: false + # allow users to edit datasources from the UI. + editable: false +``` + +Example values to add a datasource adapted from [Grafana](http://docs.grafana.org/administration/provisioning/#example-datasource-config-file): + +```yaml +datasources: + datasources.yaml: + apiVersion: 1 + datasources: + # name of the datasource. Required + - name: Graphite + # datasource type. Required + type: graphite + # access mode. proxy or direct (Server or Browser in the UI). Required + access: proxy + # org id. will default to orgId 1 if not specified + orgId: 1 + # url + url: http://localhost:8080 + # database password, if used + password: + # database user, if used + user: + # database name, if used + database: + # enable/disable basic auth + basicAuth: + # basic auth username + basicAuthUser: + # basic auth password + basicAuthPassword: + # enable/disable with credentials headers + withCredentials: + # mark as default datasource. Max one per org + isDefault: + # fields that will be converted to json and stored in json_data + jsonData: + graphiteVersion: "1.1" + tlsAuth: true + tlsAuthWithCACert: true + # json object of data that will be encrypted. + secureJsonData: + tlsCACert: "..." + tlsClientCert: "..." + tlsClientKey: "..." + version: 1 + # allow users to edit datasources from the UI. + editable: false +``` + +## Sidecar for notifiers + +If the parameter `sidecar.notifiers.enabled` is set, an init container is deployed in the grafana +pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and +filters out the ones with a label as defined in `sidecar.notifiers.label`. The files defined in +those secrets are written to a folder and accessed by grafana on startup. Using these yaml files, +the notification channels in grafana can be imported. The secrets must be created before +`helm install` so that the notifiers init container can list the secrets. + +Secrets are recommended over configmaps for this usecase because alert notification channels usually contain +private data like SMTP usernames and passwords. Secrets are the more appropriate cluster resource to manage those. + +Example datasource config adapted from [Grafana](https://grafana.com/docs/grafana/latest/administration/provisioning/#alert-notification-channels): + +```yaml +notifiers: + - name: notification-channel-1 + type: slack + uid: notifier1 + # either + org_id: 2 + # or + org_name: Main Org. + is_default: true + send_reminder: true + frequency: 1h + disable_resolve_message: false + # See `Supported Settings` section for settings supporter for each + # alert notification type. + settings: + recipient: 'XXX' + token: 'xoxb' + uploadImage: true + url: https://slack.com + +delete_notifiers: + - name: notification-channel-1 + uid: notifier1 + org_id: 2 + - name: notification-channel-2 + # default org_id: 1 +``` + +## Sidecar for alerting resources + +If the parameter `sidecar.alerts.enabled` is set, a sidecar container is deployed in the grafana +pod. This container watches all configmaps (or secrets) in the cluster (namespace defined by `sidecar.alerts.searchNamespace`) and filters out the ones with +a label as defined in `sidecar.alerts.label` (default is `grafana_alert`). The files defined in those configmaps are written +to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported alerting resources are updated, however, deletions are a little more complicated (see below). + +This sidecar can be used to provision alert rules, contact points, notification policies, notification templates and mute timings as shown in [Grafana Documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/). + +To fetch the alert config which will be provisioned, use the alert provisioning API ([Grafana Documentation](https://grafana.com/docs/grafana/next/developers/http_api/alerting_provisioning/)). +You can use either JSON or YAML format. + +Example config for an alert rule: + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: sample-grafana-alert + labels: + grafana_alert: "1" +data: + k8s-alert.yml: |- + apiVersion: 1 + groups: + - orgId: 1 + name: k8s-alert + [...] +``` + +To delete provisioned alert rules is a two step process, you need to delete the configmap which defined the alert rule +and then create a configuration which deletes the alert rule. + +Example deletion configuration: + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: delete-sample-grafana-alert + namespace: monitoring + labels: + grafana_alert: "1" +data: + delete-k8s-alert.yml: |- + apiVersion: 1 + deleteRules: + - orgId: 1 + uid: 16624780-6564-45dc-825c-8bded4ad92d3 +``` + +## Statically provision alerting resources + +If you don't need to change alerting resources (alert rules, contact points, notification policies and notification templates) regularly you could use the `alerting` config option instead of the sidecar option above. +This will grab the alerting config and apply it statically at build time for the helm file. + +There are two methods to statically provision alerting configuration in Grafana. Below are some examples and explanations as to how to use each method: + +```yaml +alerting: + team1-alert-rules.yaml: + file: alerting/team1/rules.yaml + team2-alert-rules.yaml: + file: alerting/team2/rules.yaml + team3-alert-rules.yaml: + file: alerting/team3/rules.yaml + notification-policies.yaml: + file: alerting/shared/notification-policies.yaml + notification-templates.yaml: + file: alerting/shared/notification-templates.yaml + contactpoints.yaml: + apiVersion: 1 + contactPoints: + - orgId: 1 + name: Slack channel + receivers: + - uid: default-receiver + type: slack + settings: + # Webhook URL to be filled in + url: "" + # We need to escape double curly braces for the tpl function. + text: '{{ `{{ template "default.message" . }}` }}' + title: '{{ `{{ template "default.title" . }}` }}' +``` + +The two possibilities for static alerting resource provisioning are: + +* Inlining the file contents as shown for contact points in the above example. +* Importing a file using a relative path starting from the chart root directory as shown for the alert rules in the above example. + +### Important notes on file provisioning + +* The format of the files is defined in the [Grafana documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/) on file provisioning. +* The chart supports importing YAML and JSON files. +* The filename must be unique, otherwise one volume mount will overwrite the other. +* In case of inlining, double curly braces that arise from the Grafana configuration format and are not intended as templates for the chart must be escaped. +* The number of total files under `alerting:` is not limited. Each file will end up as a volume mount in the corresponding provisioning folder of the deployed Grafana instance. +* The file size for each import is limited by what the function `.Files.Get` can handle, which suffices for most cases. + +## How to serve Grafana with a path prefix (/grafana) + +In order to serve Grafana with a prefix (e.g., ), add the following to your values.yaml. + +```yaml +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/rewrite-target: /$1 + nginx.ingress.kubernetes.io/use-regex: "true" + + path: /grafana/?(.*) + hosts: + - k8s.example.dev + +grafana.ini: + server: + root_url: http://localhost:3000/grafana # this host can be localhost +``` + +## How to securely reference secrets in grafana.ini + +This example uses Grafana [file providers](https://grafana.com/docs/grafana/latest/administration/configuration/#file-provider) for secret values and the `extraSecretMounts` configuration flag (Additional grafana server secret mounts) to mount the secrets. + +In grafana.ini: + +```yaml +grafana.ini: + [auth.generic_oauth] + enabled = true + client_id = $__file{/etc/secrets/auth_generic_oauth/client_id} + client_secret = $__file{/etc/secrets/auth_generic_oauth/client_secret} +``` + +Existing secret, or created along with helm: + +```yaml +--- +apiVersion: v1 +kind: Secret +metadata: + name: auth-generic-oauth-secret +type: Opaque +stringData: + client_id: + client_secret: +``` + +Include in the `extraSecretMounts` configuration flag: + +```yaml +extraSecretMounts: + - name: auth-generic-oauth-secret-mount + secretName: auth-generic-oauth-secret + defaultMode: 0440 + mountPath: /etc/secrets/auth_generic_oauth + readOnly: true +``` + +### extraSecretMounts using a Container Storage Interface (CSI) provider + +This example uses a CSI driver e.g. retrieving secrets using [Azure Key Vault Provider](https://github.com/Azure/secrets-store-csi-driver-provider-azure) + +```yaml +extraSecretMounts: + - name: secrets-store-inline + mountPath: /run/secrets + readOnly: true + csi: + driver: secrets-store.csi.k8s.io + readOnly: true + volumeAttributes: + secretProviderClass: "my-provider" + nodePublishSecretRef: + name: akv-creds +``` + +## Image Renderer Plug-In + +This chart supports enabling [remote image rendering](https://github.com/grafana/grafana-image-renderer/blob/master/README.md#run-in-docker) + +```yaml +imageRenderer: + enabled: true +``` + +### Image Renderer NetworkPolicy + +By default the image-renderer pods will have a network policy which only allows ingress traffic from the created grafana instance + +### High Availability for unified alerting + +If you want to run Grafana in a high availability cluster you need to enable +the headless service by setting `headlessService: true` in your `values.yaml` +file. + +As next step you have to setup the `grafana.ini` in your `values.yaml` in a way +that it will make use of the headless service to obtain all the IPs of the +cluster. You should replace ``{{ Name }}`` with the name of your helm deployment. + +```yaml +grafana.ini: + ... + unified_alerting: + enabled: true + ha_peers: {{ Name }}-headless:9094 + ha_listen_address: ${POD_IP}:9094 + ha_advertise_address: ${POD_IP}:9094 + rule_version_record_limit: "5" + + alerting: + enabled: false +``` diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/default-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/default-values.yaml new file mode 100644 index 0000000..fc2ba60 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/default-values.yaml @@ -0,0 +1 @@ +# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-affinity-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-affinity-values.yaml new file mode 100644 index 0000000..f5b9b53 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-affinity-values.yaml @@ -0,0 +1,16 @@ +affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: grafana-test + app.kubernetes.io/name: grafana + topologyKey: failure-domain.beta.kubernetes.io/zone + weight: 100 + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/instance: grafana-test + app.kubernetes.io/name: grafana + topologyKey: kubernetes.io/hostname diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-json-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-json-values.yaml new file mode 100644 index 0000000..e0c4e41 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-json-values.yaml @@ -0,0 +1,53 @@ +dashboards: + my-provider: + my-awesome-dashboard: + # An empty but valid dashboard + json: | + { + "__inputs": [], + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "6.3.5" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [], + "schemaVersion": 19, + "style": "dark", + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": ["5s"] + }, + "timezone": "", + "title": "Dummy Dashboard", + "uid": "IdcYQooWk", + "version": 1 + } + datasource: Prometheus diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-values.yaml new file mode 100644 index 0000000..7b662c5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-dashboard-values.yaml @@ -0,0 +1,19 @@ +dashboards: + my-provider: + my-awesome-dashboard: + gnetId: 10000 + revision: 1 + datasource: Prometheus +dashboardProviders: + dashboardproviders.yaml: + apiVersion: 1 + providers: + - name: 'my-provider' + orgId: 1 + folder: '' + type: file + updateIntervalSeconds: 10 + disableDeletion: true + editable: true + options: + path: /var/lib/grafana/dashboards/my-provider diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-extraconfigmapmounts-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-extraconfigmapmounts-values.yaml new file mode 100644 index 0000000..5cc44a0 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-extraconfigmapmounts-values.yaml @@ -0,0 +1,7 @@ +extraConfigmapMounts: + - name: '{{ include "grafana.fullname" . }}' + configMap: '{{ include "grafana.fullname" . }}' + mountPath: /var/lib/grafana/dashboards/test-dashboard.json + # This is not a realistic test, but for this we only care about extraConfigmapMounts not being empty and pointing to an existing ConfigMap + subPath: grafana.ini + readOnly: true diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-image-renderer-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-image-renderer-values.yaml new file mode 100644 index 0000000..06c0bda --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-image-renderer-values.yaml @@ -0,0 +1,107 @@ +podLabels: + customLableA: Aaaaa +imageRenderer: + enabled: true + env: + RENDERING_ARGS: --disable-gpu,--window-size=1280x758 + RENDERING_MODE: clustered + podLabels: + customLableB: Bbbbb + networkPolicy: + limitIngress: true + limitEgress: true + resources: + limits: + cpu: 1000m + memory: 1000Mi + requests: + cpu: 500m + memory: 50Mi + extraVolumes: + - name: empty-renderer-volume + emtpyDir: {} + extraVolumeMounts: + - mountPath: /tmp/renderer + name: empty-renderer-volume + extraConfigmapMounts: + - name: renderer-config + mountPath: /usr/src/app/config.json + subPath: renderer-config.json + configMap: image-renderer-config + extraSecretMounts: + - name: renderer-certificate + mountPath: /usr/src/app/certs/ + secretName: image-renderer-certificate + readOnly: true + +extraObjects: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: image-renderer-config + data: + renderer-config.json: | + { + "service": { + "host": null, + "port": 8081, + "protocol": "http", + "certFile": "", + "certKey": "", + + "metrics": { + "enabled": true, + "collectDefaultMetrics": true, + "requestDurationBuckets": [1, 5, 7, 9, 11, 13, 15, 20, 30] + }, + + "logging": { + "level": "info", + "console": { + "json": true, + "colorize": false + } + }, + + "security": { + "authToken": "-" + } + }, + "rendering": { + "chromeBin": null, + "args": ["--no-sandbox", "--disable-gpu"], + "ignoresHttpsErrors": false, + + "timezone": null, + "acceptLanguage": null, + "width": 1000, + "height": 500, + "deviceScaleFactor": 1, + "maxWidth": 3080, + "maxHeight": 3000, + "maxDeviceScaleFactor": 4, + "pageZoomLevel": 1, + "headed": false, + + "mode": "default", + "emulateNetworkConditions": false, + "clustering": { + "monitor": false, + "mode": "browser", + "maxConcurrency": 5, + "timeout": 30 + }, + + "verboseLogging": false, + "dumpio": false, + "timingMetrics": false + } + } + - apiVersion: v1 + kind: Secret + metadata: + name: image-renderer-certificate + type: Opaque + data: + # Decodes to 'PLACEHOLDER CERTIFICATE' + not-a-real-certificate: UExBQ0VIT0xERVIgQ0VSVElGSUNBVEU= diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-nondefault-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-nondefault-values.yaml new file mode 100644 index 0000000..4848489 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-nondefault-values.yaml @@ -0,0 +1,32 @@ +global: + environment: prod +ingress: + enabled: true + hosts: + - monitoring-{{ .Values.global.environment }}.example.com + +route: + main: + enabled: true + labels: + app: monitoring-prometheus + hostnames: + - "*.example.com" + - "{{ .Values.global.environment }}.example.com" + filters: + - type: RequestHeaderModifier + requestHeaderModifier: + set: + - name: my-header-name + value: my-new-header-value + additionalRules: + - filters: + - type: RequestHeaderModifier + requestHeaderModifier: + set: + - name: my-header-name + value: my-new-header-value + matches: + - path: + type: PathPrefix + value: /foo/ diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-persistence.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-persistence.yaml new file mode 100644 index 0000000..b92ca02 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-persistence.yaml @@ -0,0 +1,3 @@ +persistence: + type: pvc + enabled: true diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-sidecars-envvaluefrom-values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-sidecars-envvaluefrom-values.yaml new file mode 100644 index 0000000..180c803 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/ci/with-sidecars-envvaluefrom-values.yaml @@ -0,0 +1,53 @@ +extraObjects: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: '{{ include "grafana.fullname" . }}-test' + data: + var1: "value1" + - apiVersion: v1 + kind: Secret + metadata: + name: '{{ include "grafana.fullname" . }}-test' + type: Opaque + data: + var2: "dmFsdWUy" + +sidecar: + alerts: + enabled: true + envValueFrom: + VAR1: + configMapKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var1 + VAR2: + secretKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var2 + VAR3: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + dashboards: + enabled: true + envValueFrom: + VAR1: + configMapKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var1 + VAR2: + secretKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var2 + datasources: + enabled: true + envValueFrom: + VAR1: + configMapKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var1 + VAR2: + secretKeyRef: + name: '{{ include "grafana.fullname" . }}-test' + key: var2 diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/dashboards/custom-dashboard.json b/charts/victoria-metrics-k8s-stack/charts/grafana/dashboards/custom-dashboard.json new file mode 100644 index 0000000..9e26dfe --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/dashboards/custom-dashboard.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/NOTES.txt b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/NOTES.txt new file mode 100644 index 0000000..a40f666 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/NOTES.txt @@ -0,0 +1,55 @@ +1. Get your '{{ .Values.adminUser }}' user password by running: + + kubectl get secret --namespace {{ include "grafana.namespace" . }} {{ .Values.admin.existingSecret | default (include "grafana.fullname" .) }} -o jsonpath="{.data.{{ .Values.admin.passwordKey | default "admin-password" }}}" | base64 --decode ; echo + + +2. The Grafana server can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster: + + {{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}.svc.cluster.local +{{ if .Values.ingress.enabled }} + If you bind grafana to 80, please update values in values.yaml and reinstall: + ``` + securityContext: + runAsUser: 0 + runAsGroup: 0 + fsGroup: 0 + + command: + - "setcap" + - "'cap_net_bind_service=+ep'" + - "/usr/sbin/grafana-server &&" + - "sh" + - "/run.sh" + ``` + Details refer to https://grafana.com/docs/installation/configuration/#http-port. + Or grafana would always crash. + + From outside the cluster, the server URL(s) are: + {{- range .Values.ingress.hosts }} + http://{{ . }} + {{- end }} +{{- else }} + Get the Grafana URL to visit by running these commands in the same shell: + {{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "grafana.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT + {{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc --namespace {{ include "grafana.namespace" . }} -w {{ include "grafana.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "grafana.namespace" . }} {{ include "grafana.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + http://$SERVICE_IP:{{ .Values.service.port -}} + {{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "grafana.namespace" . }} -l "app.kubernetes.io/name={{ include "grafana.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + kubectl --namespace {{ include "grafana.namespace" . }} port-forward $POD_NAME 3000 + {{- end }} +{{- end }} + +3. Login with the password from step 1 and the username: {{ .Values.adminUser }} + +{{- if and (not .Values.persistence.enabled) (not .Values.persistence.disableWarning) }} +################################################################################# +###### WARNING: Persistence is disabled!!! You will lose your data when ##### +###### the Grafana pod is terminated. ##### +################################################################################# +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_config.tpl b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_config.tpl new file mode 100644 index 0000000..23b914a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_config.tpl @@ -0,0 +1,176 @@ +{{/* + Generate config map data + */}} +{{- define "grafana.configData" -}} +{{ include "grafana.assertNoLeakedSecrets" . }} +{{- $files := .Files }} +{{- $root := . -}} +{{- with .Values.plugins }} +plugins: {{ join "," . }} +{{- end }} +grafana.ini: | +{{- range $elem, $elemVal := index .Values "grafana.ini" }} + {{- if not (kindIs "map" $elemVal) }} + {{- if kindIs "invalid" $elemVal }} + {{ $elem }} = + {{- else if kindIs "slice" $elemVal }} + {{ $elem }} = {{ toJson $elemVal }} + {{- else if kindIs "string" $elemVal }} + {{ $elem }} = {{ tpl $elemVal $ }} + {{- else }} + {{ $elem }} = {{ $elemVal }} + {{- end }} + {{- end }} +{{- end }} +{{- range $key, $value := index .Values "grafana.ini" }} + {{- if kindIs "map" $value }} + [{{ $key }}] + {{- range $elem, $elemVal := $value }} + {{- if kindIs "invalid" $elemVal }} + {{ $elem }} = + {{- else if kindIs "slice" $elemVal }} + {{ $elem }} = {{ toJson $elemVal }} + {{- else if kindIs "string" $elemVal }} + {{ $elem }} = {{ tpl $elemVal $ }} + {{- else }} + {{ $elem }} = {{ $elemVal }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} + +{{- range $key, $value := .Values.datasources }} +{{- if not (hasKey $value "secret") }} +{{ $key }}: | + {{- tpl (toYaml $value | nindent 2) $root }} +{{- end }} +{{- end }} + +{{- range $key, $value := .Values.notifiers }} +{{- if not (hasKey $value "secret") }} +{{ $key }}: | + {{- toYaml $value | nindent 2 }} +{{- end }} +{{- end }} + +{{- range $key, $value := .Values.alerting }} +{{- if (hasKey $value "file") }} +{{ $key }}: +{{- toYaml ( $files.Get $value.file ) | nindent 2 }} +{{- else if (or (hasKey $value "secret") (hasKey $value "secretFile"))}} +{{/* will be stored inside secret generated by "configSecret.yaml"*/}} +{{- else }} +{{ $key }}: | + {{- tpl (toYaml $value | nindent 2) $root }} +{{- end }} +{{- end }} + +{{- range $key, $value := .Values.dashboardProviders }} +{{ $key }}: | + {{- toYaml $value | nindent 2 }} +{{- end }} + +{{- if .Values.dashboards }} +download_dashboards.sh: | + #!/usr/bin/env sh + set -euf + {{- if .Values.dashboardProviders }} + {{- range $key, $value := .Values.dashboardProviders }} + {{- range $value.providers }} + mkdir -p {{ .options.path }} + {{- end }} + {{- end }} + {{- end }} +{{ $dashboardProviders := .Values.dashboardProviders }} +{{- range $provider, $dashboards := .Values.dashboards }} + {{- range $key, $value := $dashboards }} + {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }} + curl {{ get $value "curlOptions" | default $.Values.defaultCurlOptions }} \ + --connect-timeout 60 \ + --max-time 60 \ + {{- if not $value.b64content }} + {{- if not $value.acceptHeader }} + -H "Accept: application/json" \ + {{- else }} + -H "Accept: {{ $value.acceptHeader }}" \ + {{- end }} + {{- if $value.token }} + -H "Authorization: token {{ $value.token }}" \ + {{- end }} + {{- if $value.bearerToken }} + -H "Authorization: Bearer {{ $value.bearerToken }}" \ + {{- end }} + {{- if $value.basic }} + -H "Authorization: Basic {{ $value.basic }}" \ + {{- end }} + {{- if $value.gitlabToken }} + -H "PRIVATE-TOKEN: {{ $value.gitlabToken }}" \ + {{- end }} + -H "Content-Type: application/json;charset=UTF-8" \ + {{- end }} + {{- $dpPath := "" -}} + {{- range $kd := (index $dashboardProviders "dashboardproviders.yaml").providers }} + {{- if eq $kd.name $provider }} + {{- $dpPath = $kd.options.path }} + {{- end }} + {{- end }} + {{- if $value.url }} + "{{ $value.url }}" \ + {{- else }} + "https://grafana.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download" \ + {{- end }} + {{- if $value.datasource }} + {{- if kindIs "string" $value.datasource }} + | sed '/-- .* --/! s/"datasource":.*,/"datasource": "{{ $value.datasource }}",/g' \ + {{- end }} + {{- if kindIs "slice" $value.datasource }} + {{- range $value.datasource }} + | sed '/-- .* --/! s/${{"{"}}{{ .name }}}/{{ .value }}/g' \ + {{- end }} + {{- end }} + {{- end }} + {{- if $value.b64content }} + | base64 -d \ + {{- end }} + > "{{- if $dpPath -}}{{ $dpPath }}{{- else -}}/var/lib/grafana/dashboards/{{ $provider }}{{- end -}}/{{ $key }}.json" + {{ end }} + {{- end }} +{{- end }} +{{- end }} +{{- end -}} + +{{/* + Generate dashboard json config map data + */}} +{{- define "grafana.configDashboardProviderData" -}} +provider.yaml: |- + apiVersion: 1 + providers: + - name: '{{ .Values.sidecar.dashboards.provider.name }}' + orgId: {{ .Values.sidecar.dashboards.provider.orgid }} + {{- if not .Values.sidecar.dashboards.provider.foldersFromFilesStructure }} + folder: '{{ .Values.sidecar.dashboards.provider.folder }}' + folderUid: '{{ .Values.sidecar.dashboards.provider.folderUid }}' + {{- end }} + type: {{ .Values.sidecar.dashboards.provider.type }} + disableDeletion: {{ .Values.sidecar.dashboards.provider.disableDelete }} + allowUiUpdates: {{ .Values.sidecar.dashboards.provider.allowUiUpdates }} + updateIntervalSeconds: {{ .Values.sidecar.dashboards.provider.updateIntervalSeconds | default 30 }} + options: + foldersFromFilesStructure: {{ .Values.sidecar.dashboards.provider.foldersFromFilesStructure }} + path: {{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }} +{{- end -}} + +{{- define "grafana.secretsData" -}} +{{- if and (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) }} +admin-user: {{ .Values.adminUser | b64enc | quote }} +{{- if .Values.adminPassword }} +admin-password: {{ .Values.adminPassword | b64enc | quote }} +{{- else }} +admin-password: {{ include "grafana.password" . }} +{{- end }} +{{- end }} +{{- if not .Values.ldap.existingSecret }} +ldap-toml: {{ tpl .Values.ldap.config $ | b64enc | quote }} +{{- end }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_helpers.tpl new file mode 100644 index 0000000..be9c1c5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_helpers.tpl @@ -0,0 +1,274 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "grafana.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "grafana.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "grafana.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the service account +*/}} +{{- define "grafana.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{- define "grafana.serviceAccountNameTest" -}} +{{- if .Values.serviceAccount.create }} +{{- default (print (include "grafana.fullname" .) "-test") .Values.serviceAccount.nameTest }} +{{- else }} +{{- default "default" .Values.serviceAccount.nameTest }} +{{- end }} +{{- end }} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "grafana.namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "grafana.labels" -}} +helm.sh/chart: {{ include "grafana.chart" . }} +{{ include "grafana.selectorLabels" . }} +{{- if or .Chart.AppVersion .Values.image.tag }} +app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | trunc 63 | trimSuffix "-" | quote }} +{{- end }} +{{- with .Values.extraLabels }} +{{ toYaml . }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "grafana.selectorLabels" -}} +app.kubernetes.io/name: {{ include "grafana.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "grafana.imageRenderer.labels" -}} +helm.sh/chart: {{ include "grafana.chart" . }} +{{ include "grafana.imageRenderer.selectorLabels" . }} +{{- if or .Chart.AppVersion .Values.image.tag }} +app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | trunc 63 | trimSuffix "-" | quote }} +{{- end }} +{{- end }} + +{{/* +Selector labels ImageRenderer +*/}} +{{- define "grafana.imageRenderer.selectorLabels" -}} +app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Looks if there's an existing secret and reuse its password. If not it generates +new password and use it. +*/}} +{{- define "grafana.password" -}} +{{- $secret := (lookup "v1" "Secret" (include "grafana.namespace" .) (include "grafana.fullname" .) ) }} +{{- if $secret }} +{{- index $secret "data" "admin-password" }} +{{- else }} +{{- (randAlphaNum 40) | b64enc | quote }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for rbac. +*/}} +{{- define "grafana.rbac.apiVersion" -}} +{{- if $.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }} +{{- print "rbac.authorization.k8s.io/v1" }} +{{- else }} +{{- print "rbac.authorization.k8s.io/v1beta1" }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for ingress. +*/}} +{{- define "grafana.ingress.apiVersion" -}} +{{- if and ($.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) }} +{{- print "networking.k8s.io/v1" }} +{{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} +{{- print "networking.k8s.io/v1beta1" }} +{{- else }} +{{- print "extensions/v1beta1" }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for Horizontal Pod Autoscaler. +*/}} +{{- define "grafana.hpa.apiVersion" -}} +{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }} +{{- print "autoscaling/v2" }} +{{- else }} +{{- print "autoscaling/v2beta2" }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for podDisruptionBudget. +*/}} +{{- define "grafana.podDisruptionBudget.apiVersion" -}} +{{- if $.Values.podDisruptionBudget.apiVersion }} +{{- print $.Values.podDisruptionBudget.apiVersion }} +{{- else if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} +{{- print "policy/v1" }} +{{- else }} +{{- print "policy/v1beta1" }} +{{- end }} +{{- end }} + +{{/* +Return if ingress is stable. +*/}} +{{- define "grafana.ingress.isStable" -}} +{{- eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1" }} +{{- end }} + +{{/* +Return if ingress supports ingressClassName. +*/}} +{{- define "grafana.ingress.supportsIngressClassName" -}} +{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }} +{{- end }} + +{{/* +Return if ingress supports pathType. +*/}} +{{- define "grafana.ingress.supportsPathType" -}} +{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }} +{{- end }} + +{{/* +Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific imagePullSecrets}) +*/}} +{{- define "grafana.imagePullSecrets" -}} +{{- $root := .root }} +{{- range (concat .root.Values.global.imagePullSecrets .imagePullSecrets) }} +{{- if eq (typeOf .) "map[string]interface {}" }} +- {{ toYaml (dict "name" (tpl .name $root)) | trim }} +{{- else }} +- name: {{ tpl . $root }} +{{- end }} +{{- end }} +{{- end }} + + +{{/* + Checks whether or not the configSecret secret has to be created + */}} +{{- define "grafana.shouldCreateConfigSecret" -}} +{{- $secretFound := false -}} +{{- range $key, $value := .Values.datasources }} + {{- if hasKey $value "secret" }} + {{- $secretFound = true}} + {{- end }} +{{- end }} +{{- range $key, $value := .Values.notifiers }} + {{- if hasKey $value "secret" }} + {{- $secretFound = true}} + {{- end }} +{{- end }} +{{- range $key, $value := .Values.alerting }} + {{- if (or (hasKey $value "secret") (hasKey $value "secretFile")) }} + {{- $secretFound = true}} + {{- end }} +{{- end }} +{{- $secretFound}} +{{- end -}} + +{{/* + Checks whether the user is attempting to store secrets in plaintext + in the grafana.ini configmap +*/}} +{{/* grafana.assertNoLeakedSecrets checks for sensitive keys in values */}} +{{- define "grafana.assertNoLeakedSecrets" -}} + {{- $sensitiveKeysYaml := ` +sensitiveKeys: +- path: ["database", "password"] +- path: ["smtp", "password"] +- path: ["security", "secret_key"] +- path: ["security", "admin_password"] +- path: ["auth.basic", "password"] +- path: ["auth.ldap", "bind_password"] +- path: ["auth.google", "client_secret"] +- path: ["auth.github", "client_secret"] +- path: ["auth.gitlab", "client_secret"] +- path: ["auth.generic_oauth", "client_secret"] +- path: ["auth.okta", "client_secret"] +- path: ["auth.azuread", "client_secret"] +- path: ["auth.grafana_com", "client_secret"] +- path: ["auth.grafananet", "client_secret"] +- path: ["azure", "user_identity_client_secret"] +- path: ["unified_alerting", "ha_redis_password"] +- path: ["metrics", "basic_auth_password"] +- path: ["external_image_storage.s3", "secret_key"] +- path: ["external_image_storage.webdav", "password"] +- path: ["external_image_storage.azure_blob", "account_key"] +` | fromYaml -}} + {{- if $.Values.assertNoLeakedSecrets -}} + {{- $grafanaIni := index .Values "grafana.ini" -}} + {{- range $_, $secret := $sensitiveKeysYaml.sensitiveKeys -}} + {{- $currentMap := $grafanaIni -}} + {{- $shouldContinue := true -}} + {{- range $index, $elem := $secret.path -}} + {{- if and $shouldContinue (hasKey $currentMap $elem) -}} + {{- if eq (len $secret.path) (add1 $index) -}} + {{- if not (regexMatch "\\$(?:__(?:env|file|vault))?{[^}]+}" (index $currentMap $elem)) -}} + {{- fail (printf "Sensitive key '%s' should not be defined explicitly in values. Use variable expansion instead. You can disable this client-side validation by changing the value of assertNoLeakedSecrets." (join "." $secret.path)) -}} + {{- end -}} + {{- else -}} + {{- $currentMap = index $currentMap $elem -}} + {{- end -}} + {{- else -}} + {{- $shouldContinue = false -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_pod.tpl b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_pod.tpl new file mode 100644 index 0000000..986864e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/_pod.tpl @@ -0,0 +1,1442 @@ +{{- define "grafana.pod" -}} +{{- $sts := list "sts" "StatefulSet" "statefulset" -}} +{{- $root := . -}} +{{- with .Values.schedulerName }} +schedulerName: "{{ . }}" +{{- end }} +serviceAccountName: {{ include "grafana.serviceAccountName" . }} +automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} +shareProcessNamespace: {{ .Values.shareProcessNamespace }} +{{- with .Values.securityContext }} +securityContext: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.hostAliases }} +hostAliases: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- if .Values.dnsPolicy }} +dnsPolicy: {{ .Values.dnsPolicy }} +{{- end }} +{{- with .Values.dnsConfig }} +dnsConfig: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.priorityClassName }} +priorityClassName: {{ . }} +{{- end }} +{{- if ( or (and .Values.persistence.enabled .Values.initChownData.enabled) .Values.dashboards .Values.extraInitContainers (and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts) (and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources) (and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers)) }} +initContainers: +{{- end }} +{{- if ( and .Values.persistence.enabled .Values.initChownData.enabled ) }} + - name: init-chown-data + {{- $registry := .Values.global.imageRegistry | default .Values.initChownData.image.registry -}} + {{- if .Values.initChownData.image.sha }} + image: "{{ $registry }}/{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}@sha256:{{ .Values.initChownData.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }} + {{- with .Values.initChownData.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + command: + - chown + - -R + - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} + - /var/lib/grafana + {{- with .Values.initChownData.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: storage + mountPath: "/var/lib/grafana" + {{- with .Values.persistence.subPath }} + subPath: {{ tpl . $root }} + {{- end }} +{{- end }} +{{- if .Values.dashboards }} + - name: download-dashboards + {{- $registry := .Values.global.imageRegistry | default .Values.downloadDashboardsImage.registry -}} + {{- if .Values.downloadDashboardsImage.sha }} + image: "{{ $registry }}/{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}@sha256:{{ .Values.downloadDashboardsImage.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.downloadDashboardsImage.pullPolicy }} + command: ["/bin/sh"] + args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh" ] + {{- with .Values.downloadDashboards.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + env: + {{- range $key, $value := .Values.downloadDashboards.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range $key, $value := .Values.downloadDashboards.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- with .Values.downloadDashboards.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.downloadDashboards.envFromSecret }} + envFrom: + - secretRef: + name: {{ tpl . $root }} + {{- end }} + volumeMounts: + - name: config + mountPath: "/etc/grafana/download_dashboards.sh" + subPath: download_dashboards.sh + - name: storage + mountPath: "/var/lib/grafana" + {{- with .Values.persistence.subPath }} + subPath: {{ tpl . $root }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + {{- end }} +{{- end }} +{{- if and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts }} + - name: {{ include "grafana.name" . }}-init-sc-alerts + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.alerts.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range $key, $value := .Values.sidecar.alerts.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: "LIST" + - name: LABEL + value: "{{ tpl .Values.sidecar.alerts.label $root }}" + {{- with .Values.sidecar.alerts.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/alerting" + - name: RESOURCE + value: {{ quote .Values.sidecar.alerts.resource }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.alerts.searchNamespace }} + - name: NAMESPACE + value: {{ . | join "," | quote }} + {{- end }} + {{- with .Values.sidecar.alerts.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.alerts.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-alerts-volume + mountPath: "/etc/grafana/provisioning/alerting" + {{- with .Values.sidecar.alerts.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end }} +{{- if and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources }} + - name: {{ include "grafana.name" . }}-init-sc-datasources + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.datasources.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range $key, $value := .Values.sidecar.datasources.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: "LIST" + - name: LABEL + value: "{{ tpl .Values.sidecar.datasources.label $root }}" + {{- with .Values.sidecar.datasources.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/datasources" + - name: RESOURCE + value: {{ quote .Values.sidecar.datasources.resource }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- if .Values.sidecar.datasources.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (.Values.sidecar.datasources.searchNamespace | join ",") . }}" + {{- end }} + {{- with .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.datasources.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-datasources-volume + mountPath: "/etc/grafana/provisioning/datasources" + {{- with .Values.sidecar.datasources.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end }} +{{- if and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers }} + - name: {{ include "grafana.name" . }}-init-sc-notifiers + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.notifiers.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: LIST + - name: LABEL + value: "{{ tpl .Values.sidecar.notifiers.label $root }}" + {{- with .Values.sidecar.notifiers.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/notifiers" + - name: RESOURCE + value: {{ quote .Values.sidecar.notifiers.resource }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.notifiers.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (. | join ",") $root }}" + {{- end }} + {{- with .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.notifiers.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-notifiers-volume + mountPath: "/etc/grafana/provisioning/notifiers" + {{- with .Values.sidecar.notifiers.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} +{{- with .Values.extraInitContainers }} + {{- tpl (toYaml .) $root | nindent 2 }} +{{- end }} +{{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 2 }} +{{- end }} +{{- if not .Values.enableKubeBackwardCompatibility }} +enableServiceLinks: {{ .Values.enableServiceLinks }} +{{- end }} +containers: +{{- if and .Values.sidecar.alerts.enabled (not .Values.sidecar.alerts.initAlerts) }} + - name: {{ include "grafana.name" . }}-sc-alerts + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.alerts.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: {{ .Values.sidecar.alerts.watchMethod }} + - name: LABEL + value: "{{ tpl .Values.sidecar.alerts.label $root }}" + {{- with .Values.sidecar.alerts.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/alerting" + - name: RESOURCE + value: {{ quote .Values.sidecar.alerts.resource }} + {{- if .Values.sidecar.alerts.resourceName }} + - name: RESOURCE_NAME + value: {{ quote .Values.sidecar.alerts.resourceName }} + {{- end }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.alerts.searchNamespace }} + - name: NAMESPACE + value: {{ . | join "," | quote }} + {{- end }} + {{- with .Values.sidecar.alerts.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.alerts.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + {{- if not .Values.sidecar.alerts.skipReload }} + - name: REQ_URL + value: {{ .Values.sidecar.alerts.reloadURL }} + - name: REQ_METHOD + value: POST + {{- end }} + {{- if .Values.sidecar.alerts.watchServerTimeout }} + {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.alerts.watchServerTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }} + {{- end }} + - name: WATCH_SERVER_TIMEOUT + value: "{{ .Values.sidecar.alerts.watchServerTimeout }}" + {{- end }} + {{- if .Values.sidecar.alerts.watchClientTimeout }} + {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.alerts.watchClientTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }} + {{- end }} + - name: WATCH_CLIENT_TIMEOUT + value: "{{ .Values.sidecar.alerts.watchClientTimeout }}" + {{- end }} + {{- if .Values.sidecar.alerts.maxTotalRetries }} + - name: REQ_RETRY_TOTAL + value: "{{ .Values.sidecar.alerts.maxTotalRetries }}" + {{- end }} + {{- if .Values.sidecar.alerts.maxConnectRetries }} + - name: REQ_RETRY_CONNECT + value: "{{ .Values.sidecar.alerts.maxConnectRetries }}" + {{- end }} + {{- if .Values.sidecar.alerts.maxReadRetries }} + - name: REQ_RETRY_READ + value: "{{ .Values.sidecar.alerts.maxReadRetries }}" + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-alerts-volume + mountPath: "/etc/grafana/provisioning/alerting" + {{- with .Values.sidecar.alerts.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} +{{- if .Values.sidecar.dashboards.enabled }} + - name: {{ include "grafana.name" . }}-sc-dashboard + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.dashboards.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range $key, $value := .Values.sidecar.dashboards.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- if .Values.sidecar.dashboards.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: {{ .Values.sidecar.dashboards.watchMethod }} + - name: LABEL + value: "{{ tpl .Values.sidecar.dashboards.label $root }}" + {{- with .Values.sidecar.dashboards.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }} + {{- end }} + - name: FOLDER + value: "{{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}" + - name: RESOURCE + value: {{ quote .Values.sidecar.dashboards.resource }} + {{- if .Values.sidecar.dashboards.resourceName }} + - name: RESOURCE_NAME + value: {{ quote .Values.sidecar.dashboards.resourceName }} + {{- end }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.dashboards.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (. | join ",") $root }}" + {{- end }} + {{- with .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.dashboards.folderAnnotation }} + - name: FOLDER_ANNOTATION + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.dashboards.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- if not .Values.sidecar.dashboards.skipReload }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + - name: REQ_URL + value: {{ .Values.sidecar.dashboards.reloadURL }} + - name: REQ_METHOD + value: POST + {{- end }} + {{- if .Values.sidecar.dashboards.watchServerTimeout }} + {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchServerTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }} + {{- end }} + - name: WATCH_SERVER_TIMEOUT + value: "{{ .Values.sidecar.dashboards.watchServerTimeout }}" + {{- end }} + {{- if .Values.sidecar.dashboards.watchClientTimeout }} + {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchClientTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }} + {{- end }} + - name: WATCH_CLIENT_TIMEOUT + value: {{ .Values.sidecar.dashboards.watchClientTimeout | quote }} + {{- end }} + {{- if .Values.sidecar.dashboards.maxTotalRetries }} + - name: REQ_RETRY_TOTAL + value: "{{ .Values.sidecar.dashboards.maxTotalRetries }}" + {{- end }} + {{- if .Values.sidecar.dashboards.maxConnectRetries }} + - name: REQ_RETRY_CONNECT + value: "{{ .Values.sidecar.dashboards.maxConnectRetries }}" + {{- end }} + {{- if .Values.sidecar.dashboards.maxReadRetries }} + - name: REQ_RETRY_READ + value: "{{ .Values.sidecar.dashboards.maxReadRetries }}" + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-dashboard-volume + mountPath: {{ .Values.sidecar.dashboards.folder | quote }} + {{- with .Values.sidecar.dashboards.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} +{{- if and .Values.sidecar.datasources.enabled (not .Values.sidecar.datasources.initDatasources) }} + - name: {{ include "grafana.name" . }}-sc-datasources + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.datasources.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- range $key, $value := .Values.sidecar.datasources.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: {{ .Values.sidecar.datasources.watchMethod }} + - name: LABEL + value: "{{ tpl .Values.sidecar.datasources.label $root }}" + {{- with .Values.sidecar.datasources.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/datasources" + - name: RESOURCE + value: {{ quote .Values.sidecar.datasources.resource }} + {{- if .Values.sidecar.datasources.resourceName }} + - name: RESOURCE_NAME + value: {{ quote .Values.sidecar.datasources.resourceName }} + {{- end }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.datasources.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (. | join ",") $root }}" + {{- end }} + {{- if .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ .Values.sidecar.skipTlsVerify }}" + {{- end }} + {{- with .Values.sidecar.datasources.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + {{- if not .Values.sidecar.datasources.skipReload }} + - name: REQ_URL + value: {{ .Values.sidecar.datasources.reloadURL }} + - name: REQ_METHOD + value: POST + {{- end }} + {{- if .Values.sidecar.datasources.watchServerTimeout }} + {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.datasources.watchServerTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }} + {{- end }} + - name: WATCH_SERVER_TIMEOUT + value: "{{ .Values.sidecar.datasources.watchServerTimeout }}" + {{- end }} + {{- if .Values.sidecar.datasources.watchClientTimeout }} + {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.datasources.watchClientTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }} + {{- end }} + - name: WATCH_CLIENT_TIMEOUT + value: "{{ .Values.sidecar.datasources.watchClientTimeout }}" + {{- end }} + {{- if .Values.sidecar.datasources.maxTotalRetries }} + - name: REQ_RETRY_TOTAL + value: "{{ .Values.sidecar.datasources.maxTotalRetries }}" + {{- end }} + {{- if .Values.sidecar.datasources.maxConnectRetries }} + - name: REQ_RETRY_CONNECT + value: "{{ .Values.sidecar.datasources.maxConnectRetries }}" + {{- end }} + {{- if .Values.sidecar.datasources.maxReadRetries }} + - name: REQ_RETRY_READ + value: "{{ .Values.sidecar.datasources.maxReadRetries }}" + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-datasources-volume + mountPath: "/etc/grafana/provisioning/datasources" + {{- with .Values.sidecar.datasources.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} +{{- if .Values.sidecar.notifiers.enabled }} + - name: {{ include "grafana.name" . }}-sc-notifiers + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.notifiers.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: {{ .Values.sidecar.notifiers.watchMethod }} + - name: LABEL + value: "{{ tpl .Values.sidecar.notifiers.label $root }}" + {{- with .Values.sidecar.notifiers.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl . $root) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/notifiers" + - name: RESOURCE + value: {{ quote .Values.sidecar.notifiers.resource }} + {{- if .Values.sidecar.notifiers.resourceName }} + - name: RESOURCE_NAME + value: {{ quote .Values.sidecar.notifiers.resourceName }} + {{- end }} + {{- if .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ .Values.sidecar.enableUniqueFilenames }}" + {{- end }} + {{- with .Values.sidecar.notifiers.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (. | join ",") $root }}" + {{- end }} + {{- with .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.notifiers.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + {{- if not .Values.sidecar.notifiers.skipReload }} + - name: REQ_URL + value: {{ .Values.sidecar.notifiers.reloadURL }} + - name: REQ_METHOD + value: POST + {{- end }} + {{- if .Values.sidecar.notifiers.watchServerTimeout }} + {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchServerTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }} + {{- end }} + - name: WATCH_SERVER_TIMEOUT + value: "{{ .Values.sidecar.notifiers.watchServerTimeout }}" + {{- end }} + {{- if .Values.sidecar.notifiers.watchClientTimeout }} + {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchClientTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }} + {{- end }} + - name: WATCH_CLIENT_TIMEOUT + value: "{{ .Values.sidecar.notifiers.watchClientTimeout }}" + {{- end }} + {{- if .Values.sidecar.notifiers.maxTotalRetries }} + - name: REQ_RETRY_TOTAL + value: "{{ .Values.sidecar.notifiers.maxTotalRetries }}" + {{- end }} + {{- if .Values.sidecar.notifiers.maxConnectRetries }} + - name: REQ_RETRY_CONNECT + value: "{{ .Values.sidecar.notifiers.maxConnectRetries }}" + {{- end }} + {{- if .Values.sidecar.notifiers.maxReadRetries }} + - name: REQ_RETRY_READ + value: "{{ .Values.sidecar.notifiers.maxReadRetries }}" + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-notifiers-volume + mountPath: "/etc/grafana/provisioning/notifiers" + {{- with .Values.sidecar.notifiers.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} +{{- if .Values.sidecar.plugins.enabled }} + - name: {{ include "grafana.name" . }}-sc-plugins + {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} + {{- if .Values.sidecar.image.sha }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} + env: + {{- range $key, $value := .Values.sidecar.plugins.env }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + {{- if .Values.sidecar.plugins.ignoreAlreadyProcessed }} + - name: IGNORE_ALREADY_PROCESSED + value: "true" + {{- end }} + - name: METHOD + value: {{ .Values.sidecar.plugins.watchMethod }} + - name: LABEL + value: "{{ tpl .Values.sidecar.plugins.label $root }}" + {{- if .Values.sidecar.plugins.labelValue }} + - name: LABEL_VALUE + value: {{ quote (tpl .Values.sidecar.plugins.labelValue $) }} + {{- end }} + {{- if or .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }} + - name: LOG_LEVEL + value: {{ default .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }} + {{- end }} + - name: FOLDER + value: "/etc/grafana/provisioning/plugins" + - name: RESOURCE + value: {{ quote .Values.sidecar.plugins.resource }} + {{- if .Values.sidecar.plugins.resourceName }} + - name: RESOURCE_NAME + value: {{ quote .Values.sidecar.plugins.resourceName }} + {{- end }} + {{- with .Values.sidecar.enableUniqueFilenames }} + - name: UNIQUE_FILENAMES + value: "{{ . }}" + {{- end }} + {{- with .Values.sidecar.plugins.searchNamespace }} + - name: NAMESPACE + value: "{{ tpl (. | join ",") $root }}" + {{- end }} + {{- with .Values.sidecar.plugins.script }} + - name: SCRIPT + value: {{ quote . }} + {{- end }} + {{- with .Values.sidecar.skipTlsVerify }} + - name: SKIP_TLS_VERIFY + value: "{{ . }}" + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + {{- if not .Values.sidecar.plugins.skipReload }} + - name: REQ_URL + value: {{ .Values.sidecar.plugins.reloadURL }} + - name: REQ_METHOD + value: POST + {{- end }} + {{- if .Values.sidecar.plugins.watchServerTimeout }} + {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.plugins.watchServerTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }} + {{- end }} + - name: WATCH_SERVER_TIMEOUT + value: "{{ .Values.sidecar.plugins.watchServerTimeout }}" + {{- end }} + {{- if .Values.sidecar.plugins.watchClientTimeout }} + {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }} + {{- fail (printf "Cannot use .Values.sidecar.plugins.watchClientTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }} + {{- end }} + - name: WATCH_CLIENT_TIMEOUT + value: "{{ .Values.sidecar.plugins.watchClientTimeout }}" + {{- end }} + {{- if .Values.sidecar.plugins.maxTotalRetries }} + - name: REQ_RETRY_TOTAL + value: "{{ .Values.sidecar.plugins.maxTotalRetries }}" + {{- end }} + {{- if .Values.sidecar.plugins.maxConnectRetries }} + - name: REQ_RETRY_CONNECT + value: "{{ .Values.sidecar.plugins.maxConnectRetries }}" + {{- end }} + {{- if .Values.sidecar.plugins.maxReadRetries }} + - name: REQ_RETRY_READ + value: "{{ .Values.sidecar.plugins.maxReadRetries }}" + {{- end }} + {{- with .Values.sidecar.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sidecar.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: sc-plugins-volume + mountPath: "/etc/grafana/provisioning/plugins" + {{- with .Values.sidecar.plugins.extraMounts }} + {{- toYaml . | trim | nindent 6 }} + {{- end }} +{{- end}} + - name: {{ .Chart.Name }} + {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} + {{- if .Values.image.sha }} + image: "{{ $registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.command }} + command: + {{- range .Values.command }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- if .Values.args }} + args: + {{- range .Values.args }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + volumeMounts: + - name: config + mountPath: "/etc/grafana/grafana.ini" + subPath: grafana.ini + {{- if .Values.ldap.enabled }} + - name: ldap + mountPath: "/etc/grafana/ldap.toml" + subPath: ldap.toml + {{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ tpl .name $root }} + mountPath: {{ tpl .mountPath $root }} + subPath: {{ tpl (.subPath | default "") $root }} + readOnly: {{ .readOnly }} + {{- end }} + - name: storage + mountPath: "/var/lib/grafana" + {{- with .Values.persistence.subPath }} + subPath: {{ tpl . $root }} + {{- end }} + {{- with .Values.dashboards }} + {{- range $provider, $dashboards := . }} + {{- range $key, $value := $dashboards }} + {{- if (or (hasKey $value "json") (hasKey $value "file")) }} + - name: dashboards-{{ $provider }} + mountPath: "/var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json" + subPath: "{{ $key }}.json" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.dashboardsConfigMaps }} + {{- range (keys . | sortAlpha) }} + - name: dashboards-{{ . }} + mountPath: "/var/lib/grafana/dashboards/{{ . }}" + {{- end }} + {{- end }} + {{- with .Values.datasources }} + {{- $datasources := . }} + {{- range (keys . | sortAlpha) }} + {{- if (or (hasKey (index $datasources .) "secret")) }} {{/*check if current datasource should be handeled as secret */}} + - name: config-secret + mountPath: "/etc/grafana/provisioning/datasources/{{ . }}" + subPath: {{ . | quote }} + {{- else }} + - name: config + mountPath: "/etc/grafana/provisioning/datasources/{{ . }}" + subPath: {{ . | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.notifiers }} + {{- $notifiers := . }} + {{- range (keys . | sortAlpha) }} + {{- if (or (hasKey (index $notifiers .) "secret")) }} {{/*check if current notifier should be handeled as secret */}} + - name: config-secret + mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}" + subPath: {{ . | quote }} + {{- else }} + - name: config + mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}" + subPath: {{ . | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.alerting }} + {{- $alertingmap := .}} + {{- range (keys . | sortAlpha) }} + {{- if (or (hasKey (index $.Values.alerting .) "secret") (hasKey (index $.Values.alerting .) "secretFile")) }} {{/*check if current alerting entry should be handeled as secret */}} + - name: config-secret + mountPath: "/etc/grafana/provisioning/alerting/{{ . }}" + subPath: {{ . | quote }} + {{- else }} + - name: config + mountPath: "/etc/grafana/provisioning/alerting/{{ . }}" + subPath: {{ . | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.dashboardProviders }} + {{- range (keys . | sortAlpha) }} + - name: config + mountPath: "/etc/grafana/provisioning/dashboards/{{ . }}" + subPath: {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.sidecar.alerts.enabled }} + - name: sc-alerts-volume + mountPath: "/etc/grafana/provisioning/alerting" + {{- end}} + {{- if .Values.sidecar.dashboards.enabled }} + - name: sc-dashboard-volume + mountPath: {{ .Values.sidecar.dashboards.folder | quote }} + {{- if .Values.sidecar.dashboards.SCProvider }} + - name: sc-dashboard-provider + mountPath: "/etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml" + subPath: provider.yaml + {{- end}} + {{- end}} + {{- if .Values.sidecar.datasources.enabled }} + - name: sc-datasources-volume + mountPath: "/etc/grafana/provisioning/datasources" + {{- end}} + {{- if .Values.sidecar.plugins.enabled }} + - name: sc-plugins-volume + mountPath: "/etc/grafana/provisioning/plugins" + {{- end}} + {{- if .Values.sidecar.notifiers.enabled }} + - name: sc-notifiers-volume + mountPath: "/etc/grafana/provisioning/notifiers" + {{- end}} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + subPath: {{ .subPath | default "" }} + {{- end }} + {{- range .Values.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.extraEmptyDirMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + {{- end }} + ports: + - name: {{ .Values.podPortName }} + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + - name: {{ .Values.gossipPortName }}-tcp + containerPort: 9094 + protocol: TCP + - name: {{ .Values.gossipPortName }}-udp + containerPort: 9094 + protocol: UDP + - name: profiling + containerPort: 6060 + protocol: TCP + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.userKey | default "admin-user" }} + {{- end }} + {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} + key: {{ .Values.admin.passwordKey | default "admin-password" }} + {{- end }} + {{- if .Values.plugins }} + - name: GF_INSTALL_PLUGINS + valueFrom: + configMapKeyRef: + name: {{ include "grafana.fullname" . }} + key: plugins + {{- end }} + {{- if .Values.smtp.existingSecret }} + - name: GF_SMTP_USER + valueFrom: + secretKeyRef: + name: {{ .Values.smtp.existingSecret }} + key: {{ .Values.smtp.userKey | default "user" }} + - name: GF_SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.smtp.existingSecret }} + key: {{ .Values.smtp.passwordKey | default "password" }} + {{- end }} + {{- if .Values.imageRenderer.enabled }} + - name: GF_RENDERING_SERVER_URL + {{- if .Values.imageRenderer.serverURL }} + value: {{ .Values.imageRenderer.serverURL | quote }} + {{- else }} + value: http://{{ include "grafana.fullname" . }}-image-renderer.{{ include "grafana.namespace" . }}:{{ .Values.imageRenderer.service.port }}/render + {{- end }} + - name: GF_RENDERING_CALLBACK_URL + {{- if .Values.imageRenderer.renderingCallbackURL }} + value: {{ .Values.imageRenderer.renderingCallbackURL | quote }} + {{- else }} + value: {{ .Values.imageRenderer.grafanaProtocol }}://{{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}:{{ .Values.service.port }}/{{ .Values.imageRenderer.grafanaSubPath }} + {{- end }} + {{- end }} + - name: GF_PATHS_DATA + value: {{ (get .Values "grafana.ini").paths.data }} + - name: GF_PATHS_LOGS + value: {{ (get .Values "grafana.ini").paths.logs }} + - name: GF_PATHS_PLUGINS + value: {{ (get .Values "grafana.ini").paths.plugins }} + - name: GF_PATHS_PROVISIONING + value: {{ (get .Values "grafana.ini").paths.provisioning }} + {{- range $key, $value := .Values.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 10 }} + {{- end }} + {{- range $key, $value := .Values.env }} + - name: "{{ tpl $key $ }}" + value: "{{ tpl (print $value) $ }}" + {{- end }} + {{- if or .Values.envFromSecret (or .Values.envRenderSecret .Values.envFromSecrets) .Values.envFromConfigMaps }} + envFrom: + {{- if .Values.envFromSecret }} + - secretRef: + name: {{ tpl .Values.envFromSecret . }} + {{- end }} + {{- if .Values.envRenderSecret }} + - secretRef: + name: {{ include "grafana.fullname" . }}-env + {{- end }} + {{- range .Values.envFromSecrets }} + - secretRef: + name: {{ tpl .name $ }} + optional: {{ .optional | default false }} + {{- if .prefix }} + prefix: {{ tpl .prefix $ }} + {{- end }} + {{- end }} + {{- range .Values.envFromConfigMaps }} + - configMapRef: + name: {{ tpl .name $ }} + optional: {{ .optional | default false }} + {{- if .prefix }} + prefix: {{ tpl .prefix $ }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.lifecycleHooks }} + lifecycle: + {{- tpl (toYaml .) $root | nindent 6 }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- with .Values.extraContainers }} + {{- tpl . $ | nindent 2 }} +{{- end }} +{{- with .Values.nodeSelector }} +nodeSelector: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.affinity }} +affinity: + {{- tpl (toYaml .) $root | nindent 2 }} +{{- end }} +{{- with .Values.topologySpreadConstraints }} +topologySpreadConstraints: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.tolerations }} +tolerations: + {{- toYaml . | nindent 2 }} +{{- end }} +volumes: + - name: config + configMap: + name: {{ include "grafana.fullname" . }} + {{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}} + {{- if and .Values.createConfigmap $createConfigSecret }} + - name: config-secret + secret: + secretName: {{ include "grafana.fullname" . }}-config-secret + {{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ tpl .name $root }} + configMap: + name: {{ tpl .configMap $root }} + {{- with .optional }} + optional: {{ . }} + {{- end }} + {{- with .items }} + items: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.dashboards }} + {{- range (keys .Values.dashboards | sortAlpha) }} + - name: dashboards-{{ . }} + configMap: + name: {{ include "grafana.fullname" $ }}-dashboards-{{ . }} + {{- end }} + {{- end }} + {{- if .Values.dashboardsConfigMaps }} + {{- range $provider, $name := .Values.dashboardsConfigMaps }} + - name: dashboards-{{ $provider }} + configMap: + name: {{ tpl $name $root }} + {{- end }} + {{- end }} + {{- if .Values.ldap.enabled }} + - name: ldap + secret: + {{- if .Values.ldap.existingSecret }} + secretName: {{ .Values.ldap.existingSecret }} + {{- else }} + secretName: {{ include "grafana.fullname" . }} + {{- end }} + items: + - key: ldap-toml + path: ldap.toml + {{- end }} + {{- if and .Values.persistence.enabled (eq .Values.persistence.type "pvc") }} + - name: storage + persistentVolumeClaim: + claimName: {{ tpl (.Values.persistence.existingClaim | default (include "grafana.fullname" .)) . }} + {{- else if and .Values.persistence.enabled (has .Values.persistence.type $sts) }} + {{/* nothing */}} + {{- else }} + - name: storage + {{- if .Values.persistence.inMemory.enabled }} + emptyDir: + medium: Memory + {{- with .Values.persistence.inMemory.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.sidecar.alerts.enabled }} + - name: sc-alerts-volume + {{- if .Values.sidecar.alerts.sizeLimit }} + emptyDir: + {{- with .Values.sidecar.alerts.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.sidecar.dashboards.enabled }} + - name: sc-dashboard-volume + {{- if .Values.sidecar.dashboards.sizeLimit }} + emptyDir: + {{- with .Values.sidecar.dashboards.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.sidecar.dashboards.SCProvider }} + - name: sc-dashboard-provider + configMap: + name: {{ include "grafana.fullname" . }}-config-dashboards + {{- end }} + {{- end }} + {{- if .Values.sidecar.datasources.enabled }} + - name: sc-datasources-volume + {{- if .Values.sidecar.datasources.sizeLimit }} + emptyDir: + {{- with .Values.sidecar.datasources.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.sidecar.plugins.enabled }} + - name: sc-plugins-volume + {{- if .Values.sidecar.plugins.sizeLimit }} + emptyDir: + {{- with .Values.sidecar.plugins.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.sidecar.notifiers.enabled }} + - name: sc-notifiers-volume + {{- if .Values.sidecar.notifiers.sizeLimit }} + emptyDir: + {{- with .Values.sidecar.notifiers.sizeLimit }} + sizeLimit: {{ . }} + {{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- range .Values.extraSecretMounts }} + {{- if .secretName }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- with .optional }} + optional: {{ . }} + {{- end }} + {{- with .items }} + items: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else if .projected }} + - name: {{ .name }} + projected: + {{- toYaml .projected | nindent 6 }} + {{- else if .csi }} + - name: {{ .name }} + csi: + {{- toYaml .csi | nindent 6 }} + {{- end }} + {{- end }} + {{- range .Values.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 6 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 6 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 6 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 6 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- range .Values.extraEmptyDirMounts }} + - name: {{ .name }} + emptyDir: {} + {{- end }} + {{- with .Values.extraContainerVolumes }} + {{- tpl (toYaml .) $root | nindent 2 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrole.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrole.yaml new file mode 100644 index 0000000..3af4b62 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) (not .Values.rbac.useExistingClusterRole) }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "grafana.fullname" . }}-clusterrole +{{- if or .Values.sidecar.dashboards.enabled .Values.rbac.extraClusterRoleRules .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }} +rules: + {{- if or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }} + - apiGroups: [""] # "" indicates the core API group + resources: ["configmaps", "secrets"] + verbs: ["get", "watch", "list"] + {{- end}} + {{- with .Values.rbac.extraClusterRoleRules }} + {{- toYaml . | nindent 2 }} + {{- end}} +{{- else }} +rules: [] +{{- end}} +{{- end}} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrolebinding.yaml new file mode 100644 index 0000000..bda9431 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/clusterrolebinding.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "grafana.fullname" . }}-clusterrolebinding + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +subjects: + - kind: ServiceAccount + name: {{ include "grafana.serviceAccountName" . }} + namespace: {{ include "grafana.namespace" . }} +roleRef: + kind: ClusterRole + {{- if .Values.rbac.useExistingClusterRole }} + name: {{ .Values.rbac.useExistingClusterRole }} + {{- else }} + name: {{ include "grafana.fullname" . }}-clusterrole + {{- end }} + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configSecret.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configSecret.yaml new file mode 100644 index 0000000..55574b9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configSecret.yaml @@ -0,0 +1,43 @@ +{{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}} +{{- if and .Values.createConfigmap $createConfigSecret }} +{{- $files := .Files }} +{{- $root := . -}} +apiVersion: v1 +kind: Secret +metadata: + name: "{{ include "grafana.fullname" . }}-config-secret" + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: +{{- range $key, $value := .Values.alerting }} + {{- if (hasKey $value "secretFile") }} + {{- $key | nindent 2 }}: + {{- toYaml ( $files.Get $value.secretFile ) | b64enc | nindent 4}} + {{/* as of https://helm.sh/docs/chart_template_guide/accessing_files/ this will only work if you fork this chart and add files to it*/}} + {{- end }} +{{- end }} +stringData: +{{- range $key, $value := .Values.datasources }} +{{- if (hasKey $value "secret") }} +{{- $key | nindent 2 }}: | + {{- tpl (toYaml $value.secret | nindent 4) $root }} +{{- end }} +{{- end }} +{{- range $key, $value := .Values.notifiers }} +{{- if (hasKey $value "secret") }} +{{- $key | nindent 2 }}: | + {{- tpl (toYaml $value.secret | nindent 4) $root }} +{{- end }} +{{- end }} +{{- range $key, $value := .Values.alerting }} +{{ if (hasKey $value "secret") }} + {{- $key | nindent 2 }}: | + {{- tpl (toYaml $value.secret | nindent 4) $root }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap-dashboard-provider.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap-dashboard-provider.yaml new file mode 100644 index 0000000..b412c4d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap-dashboard-provider.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.sidecar.dashboards.enabled .Values.sidecar.dashboards.SCProvider }} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "grafana.fullname" . }}-config-dashboards + namespace: {{ include "grafana.namespace" . }} +data: + {{- include "grafana.configDashboardProviderData" . | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap.yaml new file mode 100644 index 0000000..0a2edf4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{- if .Values.createConfigmap }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- if or .Values.configMapAnnotations .Values.annotations }} + annotations: + {{- with .Values.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.configMapAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +data: + {{- include "grafana.configData" . | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/dashboards-json-configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/dashboards-json-configmap.yaml new file mode 100644 index 0000000..df0ed0d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/dashboards-json-configmap.yaml @@ -0,0 +1,35 @@ +{{- if .Values.dashboards }} +{{ $files := .Files }} +{{- range $provider, $dashboards := .Values.dashboards }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "grafana.fullname" $ }}-dashboards-{{ $provider }} + namespace: {{ include "grafana.namespace" $ }} + labels: + {{- include "grafana.labels" $ | nindent 4 }} + dashboard-provider: {{ $provider }} +{{- if $dashboards }} +data: +{{- $dashboardFound := false }} +{{- range $key, $value := $dashboards }} +{{- if (or (hasKey $value "json") (hasKey $value "file")) }} +{{- $dashboardFound = true }} + {{- print $key | nindent 2 }}.json: + {{- if hasKey $value "json" }} + |- + {{- $value.json | nindent 6 }} + {{- end }} + {{- if hasKey $value "file" }} + {{- toYaml ( $files.Get $value.file ) | nindent 4}} + {{- end }} +{{- end }} +{{- end }} +{{- if not $dashboardFound }} + {} +{{- end }} +{{- end }} +--- +{{- end }} + +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/deployment.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/deployment.yaml new file mode 100644 index 0000000..7bf7521 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/deployment.yaml @@ -0,0 +1,53 @@ +{{- if (and (not .Values.useStatefulSet) (or (not .Values.persistence.enabled) (eq .Values.persistence.type "pvc"))) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if (not .Values.autoscaling.enabled) }} + replicas: {{ .Values.replicas }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 6 }} + {{- with .Values.deploymentStrategy }} + strategy: + {{- toYaml . | trim | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "grafana.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/config: {{ include "grafana.configData" . | sha256sum }} + {{- if .Values.dashboards }} + checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }} + {{- end }} + checksum/sc-dashboard-provider-config: {{ include "grafana.configDashboardProviderData" . | sha256sum }} + {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + checksum/secret: {{ include "grafana.secretsData" . | sha256sum }} + {{- end }} + {{- if .Values.envRenderSecret }} + checksum/secret-env: {{ tpl (toYaml .Values.envRenderSecret) . | sha256sum }} + {{- end }} + kubectl.kubernetes.io/default-container: {{ .Chart.Name }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- include "grafana.pod" . | nindent 6 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/extra-manifests.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/extra-manifests.yaml new file mode 100644 index 0000000..0e97856 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{- if typeIs "string" . }} +{{ tpl . $ }} +{{ else }} +{{ tpl (. | toYaml) $ }} +{{- end }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/headless-service.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/headless-service.yaml new file mode 100644 index 0000000..3028589 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/headless-service.yaml @@ -0,0 +1,22 @@ +{{- $sts := list "sts" "StatefulSet" "statefulset" -}} +{{- if or .Values.headlessService (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)) }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "grafana.fullname" . }}-headless + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + clusterIP: None + selector: + {{- include "grafana.selectorLabels" . | nindent 4 }} + type: ClusterIP + ports: + - name: {{ .Values.gossipPortName }}-tcp + port: 9094 +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/hpa.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/hpa.yaml new file mode 100644 index 0000000..097e41d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/hpa.yaml @@ -0,0 +1,51 @@ +{{- $sts := list "sts" "StatefulSet" "statefulset" -}} +{{- if .Values.autoscaling.enabled }} +apiVersion: {{ include "grafana.hpa.apiVersion" . }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + app.kubernetes.io/name: {{ include "grafana.name" . }} + helm.sh/chart: {{ include "grafana.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + {{- if (or (.Values.useStatefulSet) (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)))}} + kind: StatefulSet + {{- else }} + kind: Deployment + {{- end }} + name: {{ include "grafana.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetMemory }} + - type: Resource + resource: + name: memory + {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemory }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.targetCPU }} + - type: Resource + resource: + name: cpu + {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPU }} + {{- end }} + {{- end }} + {{- if .Values.autoscaling.behavior }} + behavior: {{ toYaml .Values.autoscaling.behavior | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-deployment.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-deployment.yaml new file mode 100644 index 0000000..a78b4eb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-deployment.yaml @@ -0,0 +1,198 @@ +{{ if .Values.imageRenderer.enabled }} +{{- $root := . -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.imageRenderer.labels" . | nindent 4 }} + {{- with .Values.imageRenderer.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.imageRenderer.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and (not .Values.imageRenderer.autoscaling.enabled) (.Values.imageRenderer.replicas) }} + replicas: {{ .Values.imageRenderer.replicas }} + {{- end }} + revisionHistoryLimit: {{ .Values.imageRenderer.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} + + {{- with .Values.imageRenderer.deploymentStrategy }} + strategy: + {{- toYaml . | trim | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 8 }} + {{- with .Values.imageRenderer.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- with .Values.imageRenderer.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imageRenderer.schedulerName }} + schedulerName: "{{ . }}" + {{- end }} + {{- with .Values.imageRenderer.serviceAccountName }} + serviceAccountName: "{{ . }}" + {{- end }} + automountServiceAccountToken: {{ .Values.imageRenderer.automountServiceAccountToken }} + {{- with .Values.imageRenderer.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.imageRenderer.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.imageRenderer.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- if or .Values.imageRenderer.image.pullSecrets .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.imageRenderer.image.pullSecrets) | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }}-image-renderer + {{- $registry := .Values.global.imageRegistry | default .Values.imageRenderer.image.registry -}} + {{- if .Values.imageRenderer.image.sha }} + image: "{{ $registry }}/{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}@sha256:{{ .Values.imageRenderer.image.sha }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.imageRenderer.image.pullPolicy }} + {{- if .Values.imageRenderer.command }} + command: + {{- range .Values.imageRenderer.command }} + - {{ . }} + {{- end }} + {{- end}} + ports: + - name: {{ .Values.imageRenderer.service.portName }} + containerPort: {{ .Values.imageRenderer.service.targetPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: {{ .Values.imageRenderer.service.portName }} + env: + - name: HTTP_PORT + value: {{ .Values.imageRenderer.service.targetPort | quote }} + {{- if .Values.imageRenderer.serviceMonitor.enabled }} + - name: ENABLE_METRICS + value: "true" + {{- end }} + {{- range $key, $value := .Values.imageRenderer.envValueFrom }} + - name: {{ $key | quote }} + valueFrom: + {{- tpl (toYaml $value) $ | nindent 16 }} + {{- end }} + {{- range $key, $value := .Values.imageRenderer.env }} + - name: {{ $key | quote }} + value: {{ $value | quote }} + {{- end }} + {{- with .Values.imageRenderer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /tmp + name: image-renderer-tmpfs + {{- range .Values.imageRenderer.extraConfigmapMounts }} + - name: {{ tpl .name $root }} + mountPath: {{ tpl .mountPath $root }} + subPath: {{ tpl (.subPath | default "") $root }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.imageRenderer.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + readOnly: {{ .readOnly }} + subPath: {{ .subPath | default "" }} + {{- end }} + {{- range .Values.imageRenderer.extraVolumeMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- with .Values.imageRenderer.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.imageRenderer.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.imageRenderer.affinity }} + affinity: + {{- tpl (toYaml .) $root | nindent 8 }} + {{- end }} + {{- with .Values.imageRenderer.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: image-renderer-tmpfs + emptyDir: {} + {{- range .Values.imageRenderer.extraConfigmapMounts }} + - name: {{ tpl .name $root }} + configMap: + name: {{ tpl .configMap $root }} + {{- with .items }} + items: + {{- toYaml . | nindent 14 }} + {{- end }} + {{- end }} + {{- range .Values.imageRenderer.extraSecretMounts }} + {{- if .secretName }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- with .items }} + items: + {{- toYaml . | nindent 14 }} + {{- end }} + {{- else if .projected }} + - name: {{ .name }} + projected: + {{- toYaml .projected | nindent 12 }} + {{- else if .csi }} + - name: {{ .name }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- end }} + {{- end }} + {{- range .Values.imageRenderer.extraVolumes }} + - name: {{ .name }} + {{- if .existingClaim }} + persistentVolumeClaim: + claimName: {{ .existingClaim }} + {{- else if .hostPath }} + hostPath: + {{ toYaml .hostPath | nindent 12 }} + {{- else if .csi }} + csi: + {{- toYaml .csi | nindent 12 }} + {{- else if .configMap }} + configMap: + {{- toYaml .configMap | nindent 12 }} + {{- else if .emptyDir }} + emptyDir: + {{- toYaml .emptyDir | nindent 12 }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-hpa.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-hpa.yaml new file mode 100644 index 0000000..d992f62 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-hpa.yaml @@ -0,0 +1,46 @@ +{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.autoscaling.enabled }} +apiVersion: {{ include "grafana.hpa.apiVersion" . }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer + namespace: {{ include "grafana.namespace" . }} + labels: + app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer + helm.sh/chart: {{ include "grafana.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "grafana.fullname" . }}-image-renderer + minReplicas: {{ .Values.imageRenderer.autoscaling.minReplicas }} + maxReplicas: {{ .Values.imageRenderer.autoscaling.maxReplicas }} + metrics: + {{- if .Values.imageRenderer.autoscaling.targetMemory }} + - type: Resource + resource: + name: memory + {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }} + {{- end }} + {{- end }} + {{- if .Values.imageRenderer.autoscaling.targetCPU }} + - type: Resource + resource: + name: cpu + {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }} + {{- else }} + target: + type: Utilization + averageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }} + {{- end }} + {{- end }} + {{- if .Values.imageRenderer.autoscaling.behavior }} + behavior: {{ toYaml .Values.imageRenderer.autoscaling.behavior | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-network-policy.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-network-policy.yaml new file mode 100644 index 0000000..bcbd249 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-network-policy.yaml @@ -0,0 +1,79 @@ +{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitIngress }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer-ingress + namespace: {{ include "grafana.namespace" . }} + annotations: + comment: Limit image-renderer ingress traffic from grafana +spec: + podSelector: + matchLabels: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} + {{- with .Values.imageRenderer.podLabels }} + {{- toYaml . | nindent 6 }} + {{- end }} + + policyTypes: + - Ingress + ingress: + - ports: + - port: {{ .Values.imageRenderer.service.targetPort }} + protocol: TCP + from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ include "grafana.namespace" . }} + podSelector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 14 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 14 }} + {{- end }} + {{- with .Values.imageRenderer.networkPolicy.extraIngressSelectors -}} + {{ toYaml . | nindent 8 }} + {{- end }} +{{- end }} + +{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitEgress }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer-egress + namespace: {{ include "grafana.namespace" . }} + annotations: + comment: Limit image-renderer egress traffic to grafana +spec: + podSelector: + matchLabels: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} + {{- with .Values.imageRenderer.podLabels }} + {{- toYaml . | nindent 6 }} + {{- end }} + + policyTypes: + - Egress + egress: + # allow dns resolution + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # talk only to grafana + - ports: + - port: {{ .Values.service.targetPort }} + protocol: TCP + to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: {{ include "grafana.namespace" . }} + podSelector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 14 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 14 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-service.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-service.yaml new file mode 100644 index 0000000..c79374e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-service.yaml @@ -0,0 +1,31 @@ +{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.imageRenderer.labels" . | nindent 4 }} + {{- with .Values.imageRenderer.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.imageRenderer.service.annotations }} + annotations: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +spec: + type: ClusterIP + {{- with .Values.imageRenderer.service.clusterIP }} + clusterIP: {{ . }} + {{- end }} + ports: + - name: {{ .Values.imageRenderer.service.portName }} + port: {{ .Values.imageRenderer.service.port }} + protocol: TCP + targetPort: {{ .Values.imageRenderer.service.targetPort }} + {{- with .Values.imageRenderer.appProtocol }} + appProtocol: {{ . }} + {{- end }} + selector: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-servicemonitor.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-servicemonitor.yaml new file mode 100644 index 0000000..a54a375 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/image-renderer-servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.serviceMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "grafana.fullname" . }}-image-renderer + {{- if .Values.imageRenderer.serviceMonitor.namespace }} + namespace: {{ tpl .Values.imageRenderer.serviceMonitor.namespace . }} + {{- else }} + namespace: {{ include "grafana.namespace" . }} + {{- end }} + labels: + {{- include "grafana.imageRenderer.labels" . | nindent 4 }} + {{- with .Values.imageRenderer.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.imageRenderer.service.portName }} + {{- with .Values.imageRenderer.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.imageRenderer.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + honorLabels: true + path: {{ .Values.imageRenderer.serviceMonitor.path }} + scheme: {{ .Values.imageRenderer.serviceMonitor.scheme }} + {{- with .Values.imageRenderer.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.imageRenderer.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + jobLabel: "{{ .Release.Name }}-image-renderer" + selector: + matchLabels: + {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ include "grafana.namespace" . }} + {{- with .Values.imageRenderer.serviceMonitor.targetLabels }} + targetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/ingress.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/ingress.yaml new file mode 100644 index 0000000..b2ffd81 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/ingress.yaml @@ -0,0 +1,78 @@ +{{- if .Values.ingress.enabled -}} +{{- $ingressApiIsStable := eq (include "grafana.ingress.isStable" .) "true" -}} +{{- $ingressSupportsIngressClassName := eq (include "grafana.ingress.supportsIngressClassName" .) "true" -}} +{{- $ingressSupportsPathType := eq (include "grafana.ingress.supportsPathType" .) "true" -}} +{{- $fullName := include "grafana.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +{{- $ingressPathType := .Values.ingress.pathType -}} +{{- $extraPaths := .Values.ingress.extraPaths -}} +apiVersion: {{ include "grafana.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ tpl $value $ | quote }} + {{- end }} + {{- end }} +spec: + {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }} + ingressClassName: {{ .Values.ingress.ingressClassName }} + {{- end -}} + {{- with .Values.ingress.tls }} + tls: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} + rules: + {{- if .Values.ingress.hosts }} + {{- range .Values.ingress.hosts }} + - host: {{ tpl . $ | quote }} + http: + paths: + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} + - path: {{ $ingressPath }} + {{- if $ingressSupportsPathType }} + pathType: {{ $ingressPathType }} + {{- end }} + backend: + {{- if $ingressApiIsStable }} + service: + name: {{ $fullName }} + port: + number: {{ $servicePort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end }} + {{- else }} + - http: + paths: + - backend: + {{- if $ingressApiIsStable }} + service: + name: {{ $fullName }} + port: + number: {{ $servicePort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- with $ingressPath }} + path: {{ . }} + {{- end }} + {{- if $ingressSupportsPathType }} + pathType: {{ $ingressPathType }} + {{- end }} + {{- end -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/networkpolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/networkpolicy.yaml new file mode 100644 index 0000000..4cd3ed6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/networkpolicy.yaml @@ -0,0 +1,61 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + policyTypes: + {{- if .Values.networkPolicy.ingress }} + - Ingress + {{- end }} + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + podSelector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 6 }} + + {{- if .Values.networkPolicy.egress.enabled }} + egress: + {{- if not .Values.networkPolicy.egress.blockDNSResolution }} + - ports: + - port: 53 + protocol: UDP + {{- end }} + - ports: + {{ .Values.networkPolicy.egress.ports | toJson }} + {{- with .Values.networkPolicy.egress.to }} + to: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.networkPolicy.ingress }} + ingress: + - ports: + - port: {{ .Values.service.targetPort }} + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: + {{ include "grafana.fullname" . }}-client: "true" + {{- with .Values.networkPolicy.explicitNamespacesSelector }} + - namespaceSelector: + {{- toYaml . | nindent 12 }} + {{- end }} + - podSelector: + matchLabels: + {{- include "grafana.labels" . | nindent 14 }} + role: read + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/poddisruptionbudget.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000..c2264ac --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/poddisruptionbudget.yaml @@ -0,0 +1,25 @@ +{{- if .Values.podDisruptionBudget }} +apiVersion: {{ include "grafana.podDisruptionBudget.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ . }} + {{- end }} + {{- with .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ . }} + {{- end }} + selector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 6 }} + {{- with .Values.podDisruptionBudget.unhealthyPodEvictionPolicy }} + unhealthyPodEvictionPolicy: {{ . }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/podsecuritypolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/podsecuritypolicy.yaml new file mode 100644 index 0000000..eed7af9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/podsecuritypolicy.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "grafana.fullname" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + {{- if .Values.rbac.pspUseAppArmor }} + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' + {{- end }} +spec: + privileged: false + allowPrivilegeEscalation: false + requiredDropCapabilities: + # Default set from Docker, with DAC_OVERRIDE and CHOWN + - ALL + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'csi' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/pvc.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/pvc.yaml new file mode 100644 index 0000000..d1c4b2d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/pvc.yaml @@ -0,0 +1,39 @@ +{{- if and (not .Values.useStatefulSet) .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.type "pvc")}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.persistence.extraPvcLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.persistence.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.persistence.finalizers }} + finalizers: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- if and (.Values.persistence.lookupVolumeName) (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)) }} + volumeName: {{ (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)).spec.volumeName }} + {{- end }} + {{- with .Values.persistence.storageClassName }} + storageClassName: {{ . }} + {{- end }} + {{- with .Values.persistence.selectorLabels }} + selector: + matchLabels: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/role.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/role.yaml new file mode 100644 index 0000000..4b5edd9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/role.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- if or .Values.rbac.pspEnabled (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)) }} +rules: + {{- if and .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} + - apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: [{{ include "grafana.fullname" . }}] + {{- end }} + {{- if and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled) }} + - apiGroups: [""] # "" indicates the core API group + resources: ["configmaps", "secrets"] + verbs: ["get", "watch", "list"] + {{- end }} + {{- with .Values.rbac.extraRoleRules }} + {{- toYaml . | nindent 2 }} + {{- end}} +{{- else }} +rules: [] +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/rolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/rolebinding.yaml new file mode 100644 index 0000000..58f77c6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/rolebinding.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + {{- if .Values.rbac.useExistingRole }} + name: {{ .Values.rbac.useExistingRole }} + {{- else }} + name: {{ include "grafana.fullname" . }} + {{- end }} +subjects: +- kind: ServiceAccount + name: {{ include "grafana.serviceAccountName" . }} + namespace: {{ include "grafana.namespace" . }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/route.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/route.yaml new file mode 100644 index 0000000..7bb2265 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/route.yaml @@ -0,0 +1,47 @@ +{{- range $name, $route := .Values.route }} + {{- if $route.enabled -}} +--- +apiVersion: {{ $route.apiVersion | default "gateway.networking.k8s.io/v1" }} +kind: {{ $route.kind | default "HTTPRoute" }} +metadata: + {{- with $route.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "grafana.fullname" $ }}{{ if ne $name "main" }}-{{ $name }}{{ end }} + namespace: {{ template "grafana.namespace" $ }} + labels: + app: {{ template "grafana.name" $ }}-prometheus + {{- include "grafana.labels" $ | nindent 4 }} + {{- with $route.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with $route.parentRefs }} + parentRefs: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $route.hostnames }} + hostnames: + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} + rules: + {{- if $route.additionalRules }} + {{- tpl (toYaml $route.additionalRules) $ | nindent 4 }} + {{- end }} + - backendRefs: + - name: {{ include "grafana.fullname" $ }} + port: {{ $.Values.service.port }} + group: '' + kind: Service + weight: 1 + {{- with $route.filters }} + filters: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $route.matches }} + matches: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret-env.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret-env.yaml new file mode 100644 index 0000000..eb14aac --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret-env.yaml @@ -0,0 +1,14 @@ +{{- if .Values.envRenderSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "grafana.fullname" . }}-env + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} +type: Opaque +data: +{{- range $key, $val := .Values.envRenderSecret }} + {{ $key }}: {{ tpl ($val | toString) $ | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret.yaml new file mode 100644 index 0000000..fd2ca50 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/secret.yaml @@ -0,0 +1,16 @@ +{{- if or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret)) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- include "grafana.secretsData" . | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/service.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/service.yaml new file mode 100644 index 0000000..f5e9e44 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/service.yaml @@ -0,0 +1,70 @@ +{{- if .Values.service.enabled }} +{{- $root := . }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.service.annotations }} + annotations: + {{- tpl (toYaml . | nindent 4) $root }} + {{- end }} +spec: + {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }} + type: ClusterIP + {{- with .Values.service.clusterIP }} + clusterIP: {{ . }} + {{- end }} + {{- else if eq .Values.service.type "LoadBalancer" }} + type: LoadBalancer + {{- with .Values.service.loadBalancerIP }} + loadBalancerIP: {{ . }} + {{- end }} + {{- with .Values.service.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} + {{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- else }} + type: {{ .Values.service.type }} + {{- end }} + {{- if .Values.service.ipFamilyPolicy }} + ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} + {{- end }} + {{- if .Values.service.ipFamilies }} + ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} + {{- end }} + {{- with .Values.service.externalIPs }} + externalIPs: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ . }} + {{- end }} + {{- with .Values.service.sessionAffinity }} + sessionAffinity: {{ . }} + {{- end }} + ports: + - name: {{ .Values.service.portName }} + port: {{ .Values.service.port }} + protocol: TCP + targetPort: {{ .Values.service.targetPort }} + {{- with .Values.service.appProtocol }} + appProtocol: {{ . }} + {{- end }} + {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- with .Values.extraExposePorts }} + {{- tpl (toYaml . | nindent 4) $root }} + {{- end }} + selector: + {{- include "grafana.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/serviceaccount.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/serviceaccount.yaml new file mode 100644 index 0000000..ffca071 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/serviceaccount.yaml @@ -0,0 +1,17 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.serviceAccount.autoMount | default .Values.serviceAccount.automountServiceAccountToken }} +metadata: + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + name: {{ include "grafana.serviceAccountName" . }} + namespace: {{ include "grafana.namespace" . }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/servicemonitor.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/servicemonitor.yaml new file mode 100644 index 0000000..e3d1520 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/servicemonitor.yaml @@ -0,0 +1,56 @@ +{{- if .Values.serviceMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "grafana.fullname" . }} + {{- if .Values.serviceMonitor.namespace }} + namespace: {{ tpl .Values.serviceMonitor.namespace . }} + {{- else }} + namespace: {{ include "grafana.namespace" . }} + {{- end }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.serviceMonitor.labels }} + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.service.portName }} + {{- with .Values.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + honorLabels: true + path: {{ .Values.serviceMonitor.path }} + scheme: {{ .Values.serviceMonitor.scheme }} + {{- with .Values.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.serviceMonitor.basicAuth }} + basicAuth: + {{- toYaml . | nindent 6 }} + {{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ include "grafana.namespace" . }} + {{- with .Values.serviceMonitor.targetLabels }} + targetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/statefulset.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/statefulset.yaml new file mode 100644 index 0000000..ede274b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/statefulset.yaml @@ -0,0 +1,61 @@ +{{- $sts := list "sts" "StatefulSet" "statefulset" -}} +{{- if (or (.Values.useStatefulSet) (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)))}} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "grafana.fullname" . }} + namespace: {{ include "grafana.namespace" . }} + labels: + {{- include "grafana.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + {{- include "grafana.selectorLabels" . | nindent 6 }} + serviceName: {{ include "grafana.fullname" . }}-headless + template: + metadata: + labels: + {{- include "grafana.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }} + checksum/sc-dashboard-provider-config: {{ include (print $.Template.BasePath "/configmap-dashboard-provider.yaml") . | sha256sum }} + {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} + checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + {{- end }} + kubectl.kubernetes.io/default-container: {{ .Chart.Name }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- include "grafana.pod" . | nindent 6 }} + {{- if .Values.persistence.enabled}} + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: storage + spec: + accessModes: {{ .Values.persistence.accessModes }} + storageClassName: {{ .Values.persistence.storageClassName }} + {{- with .Values.persistence.volumeName }} + volumeName: {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} + {{- with .Values.persistence.selectorLabels }} + selector: + matchLabels: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-configmap.yaml new file mode 100644 index 0000000..5695df3 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-configmap.yaml @@ -0,0 +1,20 @@ +{{- if .Values.testFramework.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "grafana.fullname" . }}-test + namespace: {{ include "grafana.namespace" . }} + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" + labels: + {{- include "grafana.labels" . | nindent 4 }} +data: + run.sh: |- + @test "Test Health" { + url="http://{{ include "grafana.fullname" . }}/api/health" + + code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^ HTTP/{print $2}') + [ "$code" == "200" ] + } +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-podsecuritypolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-podsecuritypolicy.yaml new file mode 100644 index 0000000..549400a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-podsecuritypolicy.yaml @@ -0,0 +1,32 @@ +{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "grafana.fullname" . }}-test + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" + labels: + {{- include "grafana.labels" . | nindent 4 }} +spec: + allowPrivilegeEscalation: true + privileged: false + hostNetwork: false + hostIPC: false + hostPID: false + fsGroup: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + runAsUser: + rule: RunAsAny + volumes: + - configMap + - downwardAPI + - emptyDir + - projected + - csi + - secret +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-role.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-role.yaml new file mode 100644 index 0000000..0f04c56 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-role.yaml @@ -0,0 +1,17 @@ +{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "grafana.fullname" . }}-test + namespace: {{ include "grafana.namespace" . }} + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" + labels: + {{- include "grafana.labels" . | nindent 4 }} +rules: + - apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: [{{ include "grafana.fullname" . }}-test] +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-rolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-rolebinding.yaml new file mode 100644 index 0000000..811adb0 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-rolebinding.yaml @@ -0,0 +1,20 @@ +{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "grafana.fullname" . }}-test + namespace: {{ include "grafana.namespace" . }} + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" + labels: + {{- include "grafana.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "grafana.fullname" . }}-test +subjects: + - kind: ServiceAccount + name: {{ include "grafana.serviceAccountNameTest" . }} + namespace: {{ include "grafana.namespace" . }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-serviceaccount.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-serviceaccount.yaml new file mode 100644 index 0000000..2e5f322 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.testFramework.enabled .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "grafana.labels" . | nindent 4 }} + name: {{ include "grafana.serviceAccountNameTest" . }} + namespace: {{ include "grafana.namespace" . }} + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test.yaml new file mode 100644 index 0000000..b6759b4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/templates/tests/test.yaml @@ -0,0 +1,57 @@ +{{- if .Values.testFramework.enabled }} +{{- $root := . }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "grafana.fullname" . }}-test + labels: + {{- include "grafana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": {{ .Values.testFramework.hookType | default "test" }} + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" + namespace: {{ include "grafana.namespace" . }} +spec: + serviceAccountName: {{ include "grafana.serviceAccountNameTest" . }} + {{- with .Values.testFramework.securityContext }} + securityContext: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 4 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- tpl (toYaml .) $root | nindent 4 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 4 }} + {{- end }} + containers: + - name: {{ .Release.Name }}-test + image: "{{ .Values.global.imageRegistry | default .Values.testFramework.image.registry }}/{{ .Values.testFramework.image.repository }}:{{ .Values.testFramework.image.tag }}" + imagePullPolicy: "{{ .Values.testFramework.imagePullPolicy}}" + command: ["/opt/bats/bin/bats", "-t", "/tests/run.sh"] + {{- with .Values.testFramework.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + volumeMounts: + - mountPath: /tests + name: tests + readOnly: true + {{- with .Values.testFramework.resources }} + resources: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: tests + configMap: + name: {{ include "grafana.fullname" . }}-test + restartPolicy: Never +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/grafana/values.yaml b/charts/victoria-metrics-k8s-stack/charts/grafana/values.yaml new file mode 100644 index 0000000..1d92420 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/grafana/values.yaml @@ -0,0 +1,1654 @@ +global: + # -- Overrides the Docker registry globally for all images + imageRegistry: null + + # To help compatibility with other charts which use global.imagePullSecrets. + # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). + # Can be templated. + # global: + # imagePullSecrets: + # - name: pullSecret1 + # - name: pullSecret2 + # or + # global: + # imagePullSecrets: + # - pullSecret1 + # - pullSecret2 + imagePullSecrets: [] + +rbac: + create: true + ## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true) + # useExistingRole: name-of-some-role + # useExistingClusterRole: name-of-some-clusterRole + pspEnabled: false + pspUseAppArmor: false + namespaced: false + extraRoleRules: [] + # - apiGroups: [] + # resources: [] + # verbs: [] + extraClusterRoleRules: [] + # - apiGroups: [] + # resources: [] + # verbs: [] +serviceAccount: + create: true + name: + nameTest: + ## ServiceAccount labels. + labels: {} + ## Service account annotations. Can be templated. + # annotations: + # eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here + + ## autoMount is deprecated in favor of automountServiceAccountToken + # autoMount: false + automountServiceAccountToken: false + +replicas: 1 + +## Create a headless service for the deployment +headlessService: false + +## Should the service account be auto mounted on the pod +automountServiceAccountToken: true + +## Create HorizontalPodAutoscaler object for deployment type +# +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPU: "60" + targetMemory: "" + behavior: {} + +## See `kubectl explain poddisruptionbudget.spec` for more +## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +podDisruptionBudget: {} +# apiVersion: "" +# minAvailable: 1 +# maxUnavailable: 1 +# unhealthyPodEvictionPolicy: IfHealthyBudget + +## See `kubectl explain deployment.spec.strategy` for more +## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +deploymentStrategy: + type: RollingUpdate + +readinessProbe: + httpGet: + path: /api/health + port: 3000 + +livenessProbe: + httpGet: + path: /api/health + port: 3000 + initialDelaySeconds: 60 + timeoutSeconds: 30 + failureThreshold: 10 + +## Use an alternate scheduler, e.g. "stork". +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +# schedulerName: "default-scheduler" + +image: + # -- The Docker registry + registry: docker.io + # -- Docker image repository + repository: grafana/grafana + # Overrides the Grafana image tag whose default is the chart appVersion + tag: "" + sha: "" + pullPolicy: IfNotPresent + + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Can be templated. + ## + pullSecrets: [] + # - myRegistrKeySecretName + +testFramework: + enabled: true + ## The type of Helm hook used to run this test. Defaults to test. + ## ref: https://helm.sh/docs/topics/charts_hooks/#the-available-hooks + ## + # hookType: test + image: + # -- The Docker registry + registry: docker.io + repository: bats/bats + tag: "v1.4.1" + imagePullPolicy: IfNotPresent + securityContext: {} + containerSecurityContext: {} + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +# dns configuration for pod +dnsPolicy: ~ +dnsConfig: {} + # nameservers: + # - 8.8.8.8 + # options: + # - name: ndots + # value: "2" + # - name: edns0 + +securityContext: + runAsNonRoot: true + runAsUser: 472 + runAsGroup: 472 + fsGroup: 472 + +containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + +# Enable creating the grafana configmap +createConfigmap: true + +# Extra configmaps to mount in grafana pods +# Values are templated. +extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /etc/grafana/ssl/ + # subPath: certificates.crt # (optional) + # configMap: certs-configmap + # readOnly: true + # optional: false + + +extraEmptyDirMounts: [] + # - name: provisioning-notifiers + # mountPath: /etc/grafana/provisioning/notifiers + + +# Apply extra labels to common labels. +extraLabels: {} + +## Assign a PriorityClassName to pods if set +# priorityClassName: + +downloadDashboardsImage: + # -- The Docker registry + registry: docker.io + repository: curlimages/curl + tag: 8.9.1 + sha: "" + pullPolicy: IfNotPresent + +downloadDashboards: + env: {} + envFromSecret: "" + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + +## Pod Annotations +# podAnnotations: {} + +## ConfigMap Annotations +# configMapAnnotations: {} + # argocd.argoproj.io/sync-options: Replace=true + +## Pod Labels +# podLabels: {} + +podPortName: grafana +gossipPortName: gossip +## Deployment annotations +# annotations: {} + +## Expose the grafana service to be accessed from outside the cluster (LoadBalancer service). +## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. +## ref: http://kubernetes.io/docs/user-guide/services/ +## +service: + enabled: true + type: ClusterIP + # Set the ip family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) + ipFamilyPolicy: "" + # Sets the families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. + ipFamilies: [] + loadBalancerIP: "" + loadBalancerClass: "" + loadBalancerSourceRanges: [] + port: 80 + targetPort: 3000 + # targetPort: 4181 To be used with a proxy extraContainer + ## Service annotations. Can be templated. + annotations: {} + labels: {} + portName: service + # Adds the appProtocol field to the service. This allows to work with istio protocol selection. Ex: "http" or "tcp" + appProtocol: "" + sessionAffinity: "" + +serviceMonitor: + ## If true, a ServiceMonitor CR is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator + ## + enabled: false + path: /metrics + # namespace: monitoring (defaults to use the namespace this chart is deployed to) + labels: {} + interval: 30s + scheme: http + tlsConfig: {} + scrapeTimeout: 30s + relabelings: [] + metricRelabelings: [] + basicAuth: {} + targetLabels: [] + +extraExposePorts: [] + # - name: keycloak + # port: 8080 + # targetPort: 8080 + +# overrides pod.spec.hostAliases in the grafana deployment's pods +hostAliases: [] + # - ip: "1.2.3.4" + # hostnames: + # - "my.host.com" + +ingress: + enabled: false + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + # Values can be templated + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: / + + # pathType is only for k8s >= 1.1= + pathType: Prefix + + hosts: + - chart-example.local + ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + ## Or for k8s > 1.19 + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: use-annotation + + + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +# -- BETA: Configure the gateway routes for the chart here. +# More routes can be added by adding a dictionary key like the 'main' route. +# Be aware that this is an early beta of this feature, +# kube-prometheus-stack does not guarantee this works and is subject to change. +# Being BETA this can/will change in the future without notice, do not use unless you want to take that risk +# [[ref]](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1alpha2) +route: + main: + # -- Enables or disables the route + enabled: false + + # -- Set the route apiVersion, e.g. gateway.networking.k8s.io/v1 or gateway.networking.k8s.io/v1alpha2 + apiVersion: gateway.networking.k8s.io/v1 + # -- Set the route kind + # Valid options are GRPCRoute, HTTPRoute, TCPRoute, TLSRoute, UDPRoute + kind: HTTPRoute + + annotations: {} + labels: {} + + hostnames: [] + # - my-filter.example.com + parentRefs: [] + # - name: acme-gw + + matches: + - path: + type: PathPrefix + value: / + + ## Filters define the filters that are applied to requests that match this rule. + filters: [] + + ## Additional custom rules that can be added to the route + additionalRules: [] + +resources: {} +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 100m +# memory: 128Mi + +## Node labels for pod assignment +## ref: https://kubernetes.io/docs/user-guide/node-selection/ +# +nodeSelector: {} + +## Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Affinity for pod assignment (evaluated as template) +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## +affinity: {} + +## Topology Spread Constraints +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +## +topologySpreadConstraints: [] + +## Additional init containers (evaluated as template) +## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ +## +extraInitContainers: [] + +## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod +extraContainers: "" +# extraContainers: | +# - name: proxy +# image: quay.io/gambol99/keycloak-proxy:latest +# args: +# - -provider=github +# - -client-id= +# - -client-secret= +# - -github-org= +# - -email-domain=* +# - -cookie-secret= +# - -http-address=http://0.0.0.0:4181 +# - -upstream-url=http://127.0.0.1:3000 +# ports: +# - name: proxy-web +# containerPort: 4181 + +## Volumes that can be used in init containers that will not be mounted to deployment pods +extraContainerVolumes: [] +# - name: volume-from-secret +# secret: +# secretName: secret-to-mount +# - name: empty-dir-volume +# emptyDir: {} + +## Enable persistence using Persistent Volume Claims +## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + type: pvc + enabled: false + # storageClassName: default + ## (Optional) Use this to bind the claim to an existing PersistentVolume (PV) by name. + volumeName: "" + accessModes: + - ReadWriteOnce + size: 10Gi + # annotations: {} + finalizers: + - kubernetes.io/pvc-protection + # selectorLabels: {} + ## Sub-directory of the PV to mount. Can be templated. + # subPath: "" + ## Name of an existing PVC. Can be templated. + # existingClaim: + ## Extra labels to apply to a PVC. + extraPvcLabels: {} + disableWarning: false + + ## If persistence is not enabled, this allows to mount the + ## local storage in-memory to improve performance + ## + inMemory: + enabled: false + ## The maximum usage on memory medium EmptyDir would be + ## the minimum value between the SizeLimit specified + ## here and the sum of memory limits of all containers in a pod + ## + # sizeLimit: 300Mi + + ## If 'lookupVolumeName' is set to true, Helm will attempt to retrieve + ## the current value of 'spec.volumeName' and incorporate it into the template. + lookupVolumeName: true + +initChownData: + ## If false, data ownership will not be reset at startup + ## This allows the grafana-server to be run with an arbitrary user + ## + enabled: true + + ## initChownData container image + ## + image: + # -- The Docker registry + registry: docker.io + repository: library/busybox + tag: "1.31.1" + sha: "" + pullPolicy: IfNotPresent + + ## initChownData resource requests and limits + ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + runAsUser: 0 + seccompProfile: + type: RuntimeDefault + capabilities: + add: + - CHOWN + drop: + - ALL + +# Administrator credentials when not using an existing secret (see below) +adminUser: admin +# adminPassword: strongpassword + +# Use an existing secret for the admin user. +admin: + ## Name of the secret. Can be templated. + existingSecret: "" + userKey: admin-user + passwordKey: admin-password + +## Define command to be executed at startup by grafana container +## Needed if using `vault-env` to manage secrets (ref: https://banzaicloud.com/blog/inject-secrets-into-pods-vault/) +## Default is "run.sh" as defined in grafana's Dockerfile +# command: +# - "sh" +# - "/run.sh" + +## Optionally define args if command is used +## Needed if using `hashicorp/envconsul` to manage secrets +## By default no arguments are set +# args: +# - "-secret" +# - "secret/grafana" +# - "./grafana" + +## Extra environment variables that will be pass onto deployment pods +## +## to provide grafana with access to CloudWatch on AWS EKS: +## 1. create an iam role of type "Web identity" with provider oidc.eks.* (note the provider for later) +## 2. edit the "Trust relationships" of the role, add a line inside the StringEquals clause using the +## same oidc eks provider as noted before (same as the existing line) +## also, replace NAMESPACE and prometheus-operator-grafana with the service account namespace and name +## +## "oidc.eks.us-east-1.amazonaws.com/id/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:sub": "system:serviceaccount:NAMESPACE:prometheus-operator-grafana", +## +## 3. attach a policy to the role, you can use a built in policy called CloudWatchReadOnlyAccess +## 4. use the following env: (replace 123456789000 and iam-role-name-here with your aws account number and role name) +## +## env: +## AWS_ROLE_ARN: arn:aws:iam::123456789000:role/iam-role-name-here +## AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token +## AWS_REGION: us-east-1 +## +## 5. uncomment the EKS section in extraSecretMounts: below +## 6. uncomment the annotation section in the serviceAccount: above +## make sure to replace arn:aws:iam::123456789000:role/iam-role-name-here with your role arn + +env: {} + +## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. +## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core +## Renders in container spec as: +## env: +## ... +## - name: +## valueFrom: +## +envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + +## The name of a secret in the same kubernetes namespace which contain values to be added to the environment +## This can be useful for auth tokens, etc. Value is templated. +envFromSecret: "" + +## Sensible environment variables that will be rendered as new secret object +## This can be useful for auth tokens, etc. +## If the secret values contains "{{", they'll need to be properly escaped so that they are not interpreted by Helm +## ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function +envRenderSecret: {} + +## The names of secrets in the same kubernetes namespace which contain values to be added to the environment +## Each entry should contain a name key, and can optionally specify whether the secret must be defined with an optional key. +## Name is templated. +envFromSecrets: [] +## - name: secret-name +## prefix: prefix +## optional: true + +## The names of conifgmaps in the same kubernetes namespace which contain values to be added to the environment +## Each entry should contain a name key, and can optionally specify whether the configmap must be defined with an optional key. +## Name is templated. +## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#configmapenvsource-v1-core +envFromConfigMaps: [] +## - name: configmap-name +## prefix: prefix +## optional: true + +# Inject Kubernetes services as environment variables. +# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#environment-variables +enableServiceLinks: true + +## Additional grafana server secret mounts +# Defines additional mounts with secrets. Secrets must be manually created in the namespace. +extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # secretName: grafana-secret-files + # readOnly: true + # optional: false + # subPath: "" + # + # for AWS EKS (cloudwatch) use the following (see also instruction in env: above) + # - name: aws-iam-token + # mountPath: /var/run/secrets/eks.amazonaws.com/serviceaccount + # readOnly: true + # projected: + # defaultMode: 420 + # sources: + # - serviceAccountToken: + # audience: sts.amazonaws.com + # expirationSeconds: 86400 + # path: token + # + # for CSI e.g. Azure Key Vault use the following + # - name: secrets-store-inline + # mountPath: /run/secrets + # readOnly: true + # csi: + # driver: secrets-store.csi.k8s.io + # readOnly: true + # volumeAttributes: + # secretProviderClass: "akv-grafana-spc" + # nodePublishSecretRef: # Only required when using service principal mode + # name: grafana-akv-creds # Only required when using service principal mode + +## Additional grafana server volume mounts +# Defines additional volume mounts. +extraVolumeMounts: [] + # - name: extra-volume-0 + # mountPath: /mnt/volume0 + # readOnly: true + # - name: extra-volume-1 + # mountPath: /mnt/volume1 + # readOnly: true + # - name: grafana-secrets + # mountPath: /mnt/volume2 + +## Additional Grafana server volumes +extraVolumes: [] + # - name: extra-volume-0 + # existingClaim: volume-claim + # - name: extra-volume-1 + # hostPath: + # path: /usr/shared/ + # type: "" + # - name: grafana-secrets + # csi: + # driver: secrets-store.csi.k8s.io + # readOnly: true + # volumeAttributes: + # secretProviderClass: "grafana-env-spc" + +## Container Lifecycle Hooks. Execute a specific bash command or make an HTTP request +lifecycleHooks: {} + # postStart: + # exec: + # command: [] + +## Pass the plugins you want installed as a list. +## +plugins: [] + # - digrich-bubblechart-panel + # - grafana-clock-panel + ## You can also use other plugin download URL, as long as they are valid zip files, + ## and specify the name of the plugin after the semicolon. Like this: + # - https://grafana.com/api/plugins/marcusolsson-json-datasource/versions/1.3.2/download;marcusolsson-json-datasource + +## Configure grafana datasources +## ref: http://docs.grafana.org/administration/provisioning/#datasources +## +datasources: {} +# datasources.yaml: +# apiVersion: 1 +# datasources: +# - name: Prometheus +# type: prometheus +# url: http://prometheus-prometheus-server +# access: proxy +# isDefault: true +# - name: CloudWatch +# type: cloudwatch +# access: proxy +# uid: cloudwatch +# editable: false +# jsonData: +# authType: default +# defaultRegion: us-east-1 +# deleteDatasources: [] +# - name: Prometheus + +## Configure grafana alerting (can be templated) +## ref: https://docs.grafana.com/alerting/set-up/provision-alerting-resources/file-provisioning/ +## +alerting: {} + # policies.yaml: + # apiVersion: 1 + # policies: + # - orgId: 1 + # receiver: first_uid + # + # rules.yaml: + # apiVersion: 1 + # groups: + # - orgId: 1 + # name: '{{ .Chart.Name }}_my_rule_group' + # folder: my_first_folder + # interval: 60s + # rules: + # - uid: my_id_1 + # title: my_first_rule + # condition: A + # data: + # - refId: A + # datasourceUid: '-100' + # model: + # conditions: + # - evaluator: + # params: + # - 3 + # type: gt + # operator: + # type: and + # query: + # params: + # - A + # reducer: + # type: last + # type: query + # datasource: + # type: __expr__ + # uid: '-100' + # expression: 1==0 + # intervalMs: 1000 + # maxDataPoints: 43200 + # refId: A + # type: math + # dashboardUid: my_dashboard + # panelId: 123 + # noDataState: Alerting + # for: 60s + # annotations: + # some_key: some_value + # labels: + # team: sre_team_1 + # + # contactpoints.yaml: + # secret: + # apiVersion: 1 + # contactPoints: + # - orgId: 1 + # name: cp_1 + # receivers: + # - uid: first_uid + # type: pagerduty + # settings: + # integrationKey: XXX + # severity: critical + # class: ping failure + # component: Grafana + # group: app-stack + # summary: | + # {{ `{{ include "default.message" . }}` }} + # + # templates.yaml: + # apiVersion: 1 + # templates: + # - orgId: 1 + # name: my_first_template + # template: | + # {{ ` + # {{ define "my_first_template" }} + # Custom notification message + # {{ end }} + # ` }} + # + # mutetimes.yaml + # apiVersion: 1 + # muteTimes: + # - orgId: 1 + # name: mti_1 + # # refer to https://prometheus.io/docs/alerting/latest/configuration/#time_interval-0 + # time_intervals: {} + +## Configure notifiers +## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels +## +notifiers: {} +# notifiers.yaml: +# notifiers: +# - name: email-notifier +# type: email +# uid: email1 +# # either: +# org_id: 1 +# # or +# org_name: Main Org. +# is_default: true +# settings: +# addresses: an_email_address@example.com +# delete_notifiers: + +## Configure grafana dashboard providers +## ref: http://docs.grafana.org/administration/provisioning/#dashboards +## +## `path` must be /var/lib/grafana/dashboards/ +## +dashboardProviders: {} +# dashboardproviders.yaml: +# apiVersion: 1 +# providers: +# - name: 'default' +# orgId: 1 +# folder: '' +# type: file +# disableDeletion: false +# editable: true +# options: +# path: /var/lib/grafana/dashboards/default + +## Configure how curl fetches remote dashboards. The beginning dash is required. +## NOTE: This sets the default short flags for all dashboards, but these +## defaults can be overridden individually for each dashboard by setting +## curlOptions. See the example dashboards section below. +## +## -s - silent mode +## -k - allow insecure (eg: non-TLS) connections +## -f - fail fast +## See the curl documentation for additional options +## +defaultCurlOptions: "-skf" + +## Configure grafana dashboard to import +## NOTE: To use dashboards you must also enable/configure dashboardProviders +## ref: https://grafana.com/dashboards +## +## dashboards per provider, use provider name as key. +## +dashboards: {} + # default: + # some-dashboard: + # json: | + # $RAW_JSON + # custom-dashboard: + # file: dashboards/custom-dashboard.json + # prometheus-stats: + # gnetId: 2 + # revision: 2 + # datasource: Prometheus + # local-dashboard: + # url: https://example.com/repository/test.json + # curlOptions: "-sLf" + # token: '' + # local-dashboard-base64: + # url: https://example.com/repository/test-b64.json + # token: '' + # b64content: true + # local-dashboard-gitlab: + # url: https://example.com/repository/test-gitlab.json + # gitlabToken: '' + # local-dashboard-bitbucket: + # url: https://example.com/repository/test-bitbucket.json + # bearerToken: '' + # local-dashboard-azure: + # url: https://example.com/repository/test-azure.json + # basic: '' + # acceptHeader: '*/*' + +## Reference to external ConfigMap per provider. Use provider name as key and ConfigMap name as value. +## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both. +## ConfigMap data example: +## +## data: +## example-dashboard.json: | +## RAW_JSON +## +dashboardsConfigMaps: {} +# default: "" + +## Grafana's primary configuration +## NOTE: values in map will be converted to ini format +## ref: http://docs.grafana.org/installation/configuration/ +## +grafana.ini: + paths: + data: /var/lib/grafana/ + logs: /var/log/grafana + plugins: /var/lib/grafana/plugins + provisioning: /etc/grafana/provisioning + analytics: + check_for_updates: true + log: + mode: console + grafana_net: + url: https://grafana.net + server: + domain: "{{ if (and .Values.ingress.enabled .Values.ingress.hosts) }}{{ tpl (.Values.ingress.hosts | first) . }}{{ else }}''{{ end }}" +## grafana Authentication can be enabled with the following values on grafana.ini + # server: + # The full public facing url you use in browser, used for redirects and emails + # root_url: + # https://grafana.com/docs/grafana/latest/auth/github/#enable-github-in-grafana + # auth.github: + # enabled: false + # allow_sign_up: false + # scopes: user:email,read:org + # auth_url: https://github.com/login/oauth/authorize + # token_url: https://github.com/login/oauth/access_token + # api_url: https://api.github.com/user + # team_ids: + # allowed_organizations: + # client_id: + # client_secret: +## LDAP Authentication can be enabled with the following values on grafana.ini +## NOTE: Grafana will fail to start if the value for ldap.toml is invalid + # auth.ldap: + # enabled: true + # allow_sign_up: true + # config_file: /etc/grafana/ldap.toml +## Grafana's alerting configuration + # unified_alerting: + # enabled: true + # rule_version_record_limit: "5" + +## Grafana's LDAP configuration +## Templated by the template in _helpers.tpl +## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled +## ref: http://docs.grafana.org/installation/configuration/#auth-ldap +## ref: http://docs.grafana.org/installation/ldap/#configuration +ldap: + enabled: false + # `existingSecret` is a reference to an existing secret containing the ldap configuration + # for Grafana in a key `ldap-toml`. + existingSecret: "" + # `config` is the content of `ldap.toml` that will be stored in the created secret + config: "" + # config: |- + # verbose_logging = true + + # [[servers]] + # host = "my-ldap-server" + # port = 636 + # use_ssl = true + # start_tls = false + # ssl_skip_verify = false + # bind_dn = "uid=%s,ou=users,dc=myorg,dc=com" + +# When process namespace sharing is enabled, processes in a container are visible to all other containers in the same pod +# This parameter is added because the ldap reload api is not working https://grafana.com/docs/grafana/latest/developers/http_api/admin/#reload-ldap-configuration +# To allow an extraContainer to restart the Grafana container +shareProcessNamespace: false + +## Grafana's SMTP configuration +## NOTE: To enable, grafana.ini must be configured with smtp.enabled +## ref: http://docs.grafana.org/installation/configuration/#smtp +smtp: + # `existingSecret` is a reference to an existing secret containing the smtp configuration + # for Grafana. + existingSecret: "" + userKey: "user" + passwordKey: "password" + +## Sidecars that collect the configmaps with specified label and stores the included files them into the respective folders +## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards +sidecar: + image: + # -- The Docker registry + registry: quay.io + repository: kiwigrid/k8s-sidecar + tag: 1.30.5 + sha: "" + imagePullPolicy: IfNotPresent + resources: {} +# limits: +# cpu: 100m +# memory: 100Mi +# requests: +# cpu: 50m +# memory: 50Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + # skipTlsVerify Set to true to skip tls verification for kube api calls + # skipTlsVerify: true + enableUniqueFilenames: false + readinessProbe: {} + livenessProbe: {} + # Log level default for all sidecars. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. Defaults to INFO + # logLevel: INFO + alerts: + enabled: false + # Additional environment variables for the alerts sidecar + env: {} + ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. + ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core + ## Renders in container spec as: + ## env: + ## ... + ## - name: + ## valueFrom: + ## + envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + # Do not reprocess already processed unchanged resources on k8s API reconnect. + # ignoreAlreadyProcessed: true + # label that the configmaps with alert are marked with (can be templated) + label: grafana_alert + # value of label that the configmaps with alert are set to (can be templated) + labelValue: "" + # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. + # logLevel: INFO + # If specified, the sidecar will search for alert config-maps inside this namespace. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces + searchNamespace: null + # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. + watchMethod: WATCH + # search in configmap, secret or both + resource: both + # + # resourceName: comma separated list of resource names to be fetched/checked by this sidecar. + # per default all resources of the type defined in {{ .Values.sidecar.alerts.resource }} will be checked. + # This e.g. allows stricter RBAC rules which are limited to the resources meant for the sidecars. + # resourceName: "secret/alerts-1,configmap/alerts-0" + resourceName: "" + # + # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. + # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S + # watchServerTimeout: 3600 + # + # watchClientTimeout: is a client-side timeout, configuring your local socket. + # If you have a network outage dropping all packets with no RST/FIN, + # this is how long your client waits before realizing & dropping the connection. + # defaults to 66sec (sic!) + # watchClientTimeout: 60 + # + # maxTotalRetries: Total number of retries to allow for any http request. + # Takes precedence over other counts. Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry. + # maxTotalRetries: 5 + # + # maxConnectRetries: How many connection-related errors to retry on for any http request. + # These are errors raised before the request is sent to the remote server, which we assume has not triggered the server to process the request. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxConnectRetries: 10 + # + # maxReadRetries: How many times to retry on read errors for any http request + # These errors are raised after the request was sent to the server, so the request may have side-effects. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxReadRetries: 5 + # + # Endpoint to send request to reload alerts + reloadURL: "http://localhost:3000/api/admin/provisioning/alerting/reload" + # Absolute path to a script to execute after a configmap got reloaded. + # It runs before calls to REQ_URI. If the file is not executable it will be passed to sh. + # Otherwise, it's executed as is. Shebangs known to work are #!/bin/sh and #!/usr/bin/env python + script: null + skipReload: false + # This is needed if skipReload is true, to load any alerts defined at startup time. + # Deploy the alert sidecar as an initContainer. + initAlerts: false + # Additional alerts sidecar volume mounts + extraMounts: [] + # Sets the size limit of the alert sidecar emptyDir volume + sizeLimit: "" + dashboards: + enabled: false + # Additional environment variables for the dashboards sidecar + env: {} + ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. + ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core + ## Renders in container spec as: + ## env: + ## ... + ## - name: + ## valueFrom: + ## + envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + # Do not reprocess already processed unchanged resources on k8s API reconnect. + # ignoreAlreadyProcessed: true + SCProvider: true + # label that the configmaps with dashboards are marked with (can be templated) + label: grafana_dashboard + # value of label that the configmaps with dashboards are set to (can be templated) + labelValue: "" + # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. + # logLevel: INFO + # folder in the pod that should hold the collected dashboards (unless `defaultFolderName` is set) + folder: /tmp/dashboards + # The default folder name, it will create a subfolder under the `folder` and put dashboards in there instead + defaultFolderName: null + # Namespaces list. If specified, the sidecar will search for config-maps/secrets inside these namespaces. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces. + searchNamespace: null + # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. + watchMethod: WATCH + # search in configmap, secret or both + resource: both + # If specified, the sidecar will look for annotation with this name to create folder and put graph here. + # You can use this parameter together with `provider.foldersFromFilesStructure`to annotate configmaps and create folder structure. + folderAnnotation: null + # + # resourceName: comma separated list of resource names to be fetched/checked by this sidecar. + # per default all resources of the type defined in {{ .Values.sidecar.dashboards.resource }} will be checked. + # This e.g. allows stricter RBAC rules which are limited to the resources meant for the sidecars. + # resourceName: "secret/dashboards-0,configmap/dashboards-1" + resourceName: "" + # + # maxTotalRetries: Total number of retries to allow for any http request. + # Takes precedence over other counts. Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry. + # maxTotalRetries: 5 + # + # maxConnectRetries: How many connection-related errors to retry on for any http request. + # These are errors raised before the request is sent to the remote server, which we assume has not triggered the server to process the request. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxConnectRetries: 10 + # + # maxReadRetries: How many times to retry on read errors for any http request + # These errors are raised after the request was sent to the server, so the request may have side-effects. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxReadRetries: 5 + # + # Endpoint to send request to reload alerts + reloadURL: "http://localhost:3000/api/admin/provisioning/dashboards/reload" + # Absolute path to a script to execute after a configmap got reloaded. + # It runs before calls to REQ_URI. If the file is not executable it will be passed to sh. + # Otherwise, it's executed as is. Shebangs known to work are #!/bin/sh and #!/usr/bin/env python + script: null + skipReload: false + # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. + # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S + # watchServerTimeout: 3600 + # + # watchClientTimeout: is a client-side timeout, configuring your local socket. + # If you have a network outage dropping all packets with no RST/FIN, + # this is how long your client waits before realizing & dropping the connection. + # defaults to 66sec (sic!) + # watchClientTimeout: 60 + # + # provider configuration that lets grafana manage the dashboards + provider: + # name of the provider, should be unique + name: sidecarProvider + # orgid as configured in grafana + orgid: 1 + # folder in which the dashboards should be imported in grafana + folder: '' + # folder UID. will be automatically generated if not specified + folderUid: '' + # type of the provider + type: file + # disableDelete to activate a import-only behaviour + disableDelete: false + # allow updating provisioned dashboards from the UI + allowUiUpdates: false + # allow Grafana to replicate dashboard structure from filesystem + foldersFromFilesStructure: false + # Additional dashboards sidecar volume mounts + extraMounts: [] + # Sets the size limit of the dashboard sidecar emptyDir volume + sizeLimit: "" + datasources: + enabled: false + # Additional environment variables for the datasourcessidecar + env: {} + ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. + ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core + ## Renders in container spec as: + ## env: + ## ... + ## - name: + ## valueFrom: + ## + envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + # Do not reprocess already processed unchanged resources on k8s API reconnect. + # ignoreAlreadyProcessed: true + # label that the configmaps with datasources are marked with (can be templated) + label: grafana_datasource + # value of label that the configmaps with datasources are set to (can be templated) + labelValue: "" + # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. + # logLevel: INFO + # If specified, the sidecar will search for datasource config-maps inside this namespace. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces + searchNamespace: null + # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. + watchMethod: WATCH + # search in configmap, secret or both + resource: both + # + # resourceName: comma separated list of resource names to be fetched/checked by this sidecar. + # per default all resources of the type defined in {{ .Values.sidecar.datasources.resource }} will be checked. + # This e.g. allows stricter RBAC rules which are limited to the resources meant for the sidecars. + # resourceName: "secret/datasources-0,configmap/datasources-15" + resourceName: "" + # + # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. + # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S + # watchServerTimeout: 3600 + # + # watchClientTimeout: is a client-side timeout, configuring your local socket. + # If you have a network outage dropping all packets with no RST/FIN, + # this is how long your client waits before realizing & dropping the connection. + # defaults to 66sec (sic!) + # watchClientTimeout: 60 + # + # maxTotalRetries: Total number of retries to allow for any http request. + # Takes precedence over other counts. Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry. + # maxTotalRetries: 5 + # + # maxConnectRetries: How many connection-related errors to retry on for any http request. + # These are errors raised before the request is sent to the remote server, which we assume has not triggered the server to process the request. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxConnectRetries: 10 + # + # maxReadRetries: How many times to retry on read errors for any http request + # These errors are raised after the request was sent to the server, so the request may have side-effects. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxReadRetries: 5 + # + # Endpoint to send request to reload datasources + reloadURL: "http://localhost:3000/api/admin/provisioning/datasources/reload" + # Absolute path to a script to execute after a configmap got reloaded. + # It runs before calls to REQ_URI. If the file is not executable it will be passed to sh. + # Otherwise, it's executed as is. Shebangs known to work are #!/bin/sh and #!/usr/bin/env python + script: null + skipReload: false + # This is needed if skipReload is true, to load any datasources defined at startup time. + # Deploy the datasources sidecar as an initContainer. + initDatasources: false + # Additional datasources sidecar volume mounts + extraMounts: [] + # Sets the size limit of the datasource sidecar emptyDir volume + sizeLimit: "" + plugins: + enabled: false + # Additional environment variables for the plugins sidecar + env: {} + # Do not reprocess already processed unchanged resources on k8s API reconnect. + # ignoreAlreadyProcessed: true + # label that the configmaps with plugins are marked with (can be templated) + label: grafana_plugin + # value of label that the configmaps with plugins are set to (can be templated) + labelValue: "" + # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. + # logLevel: INFO + # If specified, the sidecar will search for plugin config-maps inside this namespace. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces + searchNamespace: null + # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. + watchMethod: WATCH + # search in configmap, secret or both + resource: both + # + # resourceName: comma separated list of resource names to be fetched/checked by this sidecar. + # per default all resources of the type defined in {{ .Values.sidecar.plugins.resource }} will be checked. + # This e.g. allows stricter RBAC rules which are limited to the resources meant for the sidecars. + # resourceName: "secret/plugins-0,configmap/plugins-1" + resourceName: "" + # + # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. + # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S + # watchServerTimeout: 3600 + # + # watchClientTimeout: is a client-side timeout, configuring your local socket. + # If you have a network outage dropping all packets with no RST/FIN, + # this is how long your client waits before realizing & dropping the connection. + # defaults to 66sec (sic!) + # watchClientTimeout: 60 + # + # maxTotalRetries: Total number of retries to allow for any http request. + # Takes precedence over other counts. Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry. + # maxTotalRetries: 5 + # + # maxConnectRetries: How many connection-related errors to retry on for any http request. + # These are errors raised before the request is sent to the remote server, which we assume has not triggered the server to process the request. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxConnectRetries: 10 + # + # maxReadRetries: How many times to retry on read errors for any http request + # These errors are raised after the request was sent to the server, so the request may have side-effects. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxReadRetries: 5 + # + # Endpoint to send request to reload plugins + reloadURL: "http://localhost:3000/api/admin/provisioning/plugins/reload" + # Absolute path to a script to execute after a configmap got reloaded. + # It runs before calls to REQ_URI. If the file is not executable it will be passed to sh. + # Otherwise, it's executed as is. Shebangs known to work are #!/bin/sh and #!/usr/bin/env python + script: null + skipReload: false + # Deploy the datasource sidecar as an initContainer in addition to a container. + # This is needed if skipReload is true, to load any plugins defined at startup time. + initPlugins: false + # Additional plugins sidecar volume mounts + extraMounts: [] + # Sets the size limit of the plugin sidecar emptyDir volume + sizeLimit: "" + notifiers: + enabled: false + # Additional environment variables for the notifierssidecar + env: {} + # Do not reprocess already processed unchanged resources on k8s API reconnect. + # ignoreAlreadyProcessed: true + # label that the configmaps with notifiers are marked with (can be templated) + label: grafana_notifier + # value of label that the configmaps with notifiers are set to (can be templated) + labelValue: "" + # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. + # logLevel: INFO + # If specified, the sidecar will search for notifier config-maps inside this namespace. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces + searchNamespace: null + # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. + watchMethod: WATCH + # search in configmap, secret or both + resource: both + # + # resourceName: comma separated list of resource names to be fetched/checked by this sidecar. + # per default all resources of the type defined in {{ .Values.sidecar.notifiers.resource }} will be checked. + # This e.g. allows stricter RBAC rules which are limited to the resources meant for the sidecars. + # resourceName: "secret/notifiers-2,configmap/notifiers-1" + resourceName: "" + # + # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. + # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S + # watchServerTimeout: 3600 + # + # watchClientTimeout: is a client-side timeout, configuring your local socket. + # If you have a network outage dropping all packets with no RST/FIN, + # this is how long your client waits before realizing & dropping the connection. + # defaults to 66sec (sic!) + # watchClientTimeout: 60 + # + # maxTotalRetries: Total number of retries to allow for any http request. + # Takes precedence over other counts. Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry. + # maxTotalRetries: 5 + # + # maxConnectRetries: How many connection-related errors to retry on for any http request. + # These are errors raised before the request is sent to the remote server, which we assume has not triggered the server to process the request. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxConnectRetries: 10 + # + # maxReadRetries: How many times to retry on read errors for any http request + # These errors are raised after the request was sent to the server, so the request may have side-effects. + # Applies to all requests to reloadURL and k8s api requests. + # Set to 0 to fail on the first retry of this type. + # maxReadRetries: 5 + # + # Endpoint to send request to reload notifiers + reloadURL: "http://localhost:3000/api/admin/provisioning/notifications/reload" + # Absolute path to a script to execute after a configmap got reloaded. + # It runs before calls to REQ_URI. If the file is not executable it will be passed to sh. + # Otherwise, it's executed as is. Shebangs known to work are #!/bin/sh and #!/usr/bin/env python + script: null + skipReload: false + # Deploy the notifier sidecar as an initContainer in addition to a container. + # This is needed if skipReload is true, to load any notifiers defined at startup time. + initNotifiers: false + # Additional notifiers sidecar volume mounts + extraMounts: [] + # Sets the size limit of the notifier sidecar emptyDir volume + sizeLimit: "" + +## Override the deployment namespace +## +namespaceOverride: "" + +## Number of old ReplicaSets to retain +## +revisionHistoryLimit: 10 + +## Add a seperate remote image renderer deployment/service +imageRenderer: + deploymentStrategy: {} + # Enable the image-renderer deployment & service + enabled: false + replicas: 1 + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPU: "60" + targetMemory: "" + behavior: {} + # The url of remote image renderer if it is not in the same namespace with the grafana instance + serverURL: "" + # The callback url of grafana instances if it is not in the same namespace with the remote image renderer + renderingCallbackURL: "" + image: + # -- The Docker registry + registry: docker.io + # image-renderer Image repository + repository: grafana/grafana-image-renderer + # image-renderer Image tag + tag: latest + # image-renderer Image sha (optional) + sha: "" + # image-renderer Image pull secrets (optional) + pullSecrets: [] + # image-renderer ImagePullPolicy + pullPolicy: Always + # extra environment variables + env: + HTTP_HOST: "0.0.0.0" + # Fixes "Error: Failed to launch the browser process!\nchrome_crashpad_handler: --database is required" + XDG_CONFIG_HOME: /tmp/.chromium + XDG_CACHE_HOME: /tmp/.chromium + # RENDERING_ARGS: --no-sandbox,--disable-gpu,--window-size=1280x758 + # RENDERING_MODE: clustered + # IGNORE_HTTPS_ERRORS: true + + ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. + ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core + ## Renders in container spec as: + ## env: + ## ... + ## - name: + ## valueFrom: + ## + envValueFrom: {} + # ENV_NAME: + # configMapKeyRef: + # name: configmap-name + # key: value_key + + # image-renderer deployment serviceAccount + serviceAccountName: "" + automountServiceAccountToken: false + # image-renderer deployment securityContext + securityContext: {} + # image-renderer deployment container securityContext + containerSecurityContext: + seccompProfile: + type: RuntimeDefault + capabilities: + drop: ['ALL'] + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + ## image-renderer pod annotation + podAnnotations: {} + # image-renderer deployment Host Aliases + hostAliases: [] + # image-renderer deployment priority class + priorityClassName: '' + service: + # Enable the image-renderer service + enabled: true + # image-renderer service port name + portName: 'http' + # image-renderer service port used by both service and deployment + port: 8081 + targetPort: 8081 + # Adds the appProtocol field to the image-renderer service. This allows to work with istio protocol selection. Ex: "http" or "tcp" + appProtocol: "" + serviceMonitor: + ## If true, a ServiceMonitor CRD is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator + ## + enabled: false + path: /metrics + # namespace: monitoring (defaults to use the namespace this chart is deployed to) + labels: {} + interval: 1m + scheme: http + tlsConfig: {} + scrapeTimeout: 30s + relabelings: [] + # See: https://doc.crds.dev/github.com/prometheus-operator/kube-prometheus/monitoring.coreos.com/ServiceMonitor/v1@v0.11.0#spec-targetLabels + targetLabels: [] + # - targetLabel1 + # - targetLabel2 + # If https is enabled in Grafana, this needs to be set as 'https' to correctly configure the callback used in Grafana + grafanaProtocol: http + # In case a sub_path is used this needs to be added to the image renderer callback + grafanaSubPath: "" + # name of the image-renderer port on the pod + podPortName: http + # number of image-renderer replica sets to keep + revisionHistoryLimit: 10 + networkPolicy: + # Enable a NetworkPolicy to limit inbound traffic to only the created grafana pods + limitIngress: true + # Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods + limitEgress: false + # Allow additional services to access image-renderer (eg. Prometheus operator when ServiceMonitor is enabled) + extraIngressSelectors: [] + resources: {} +# limits: +# cpu: 100m +# memory: 100Mi +# requests: +# cpu: 50m +# memory: 50Mi + ## Node labels for pod assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + # + nodeSelector: {} + + ## Tolerations for pod assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + + ## Affinity for pod assignment (evaluated as template) + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: "default-scheduler" + + # Extra configmaps to mount in image-renderer pods + extraConfigmapMounts: [] + + # Extra secrets to mount in image-renderer pods + extraSecretMounts: [] + + # Extra volumes to mount in image-renderer pods + extraVolumeMounts: [] + + # Extra volumes for image-renderer pods + extraVolumes: [] + +networkPolicy: + ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now. + ## + enabled: false + ## @param networkPolicy.allowExternal Don't require client label for connections + ## The Policy model to apply. When set to false, only pods with the correct + ## client label will have network access to grafana port defined. + ## When true, grafana will accept connections from any source + ## (with the correct destination port). + ## + ingress: true + ## @param networkPolicy.ingress When true enables the creation + ## an ingress network policy + ## + allowExternal: true + ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed + ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace + ## and that match other criteria, the ones that have the good label, can reach the grafana. + ## But sometimes, we want the grafana to be accessible to clients from other namespaces, in this case, we can use this + ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added. + ## + ## Example: + ## explicitNamespacesSelector: + ## matchLabels: + ## role: frontend + ## matchExpressions: + ## - {key: role, operator: In, values: [frontend]} + ## + explicitNamespacesSelector: {} + ## + ## + ## + ## + ## + ## + egress: + ## @param networkPolicy.egress.enabled When enabled, an egress network policy will be + ## created allowing grafana to connect to external data sources from kubernetes cluster. + enabled: false + ## + ## @param networkPolicy.egress.blockDNSResolution When enabled, DNS resolution will be blocked + ## for all pods in the grafana namespace. + blockDNSResolution: false + ## + ## @param networkPolicy.egress.ports Add individual ports to be allowed by the egress + ports: [] + ## Add ports to the egress by specifying - port: + ## E.X. + ## - port: 80 + ## - port: 443 + ## + ## @param networkPolicy.egress.to Allow egress traffic to specific destinations + to: [] + ## Add destinations to the egress by specifying - ipBlock: + ## E.X. + ## to: + ## - namespaceSelector: + ## matchExpressions: + ## - {key: role, operator: In, values: [grafana]} + ## + ## + ## + ## + ## + +# Enable backward compatibility of kubernetes where version below 1.13 doesn't have the enableServiceLinks option +enableKubeBackwardCompatibility: false +useStatefulSet: false + +# extraObjects could be utilized to add dynamic manifests via values +extraObjects: [] +# Examples: +# extraObjects: +# - apiVersion: kubernetes-client.io/v1 +# kind: ExternalSecret +# metadata: +# name: grafana-secrets-{{ .Release.Name }} +# spec: +# backendType: gcpSecretsManager +# data: +# - key: grafana-admin-password +# name: adminPassword +# Alternatively, you can use strings, which lets you use additional templating features: +# extraObjects: +# - | +# apiVersion: kubernetes-client.io/v1 +# kind: ExternalSecret +# metadata: +# name: grafana-secrets-{{ .Release.Name }} +# spec: +# backendType: gcpSecretsManager +# data: +# - key: grafana-admin-password +# name: {{ include "some-other-template" }} + +# assertNoLeakedSecrets is a helper function defined in _helpers.tpl that checks if secret +# values are not exposed in the rendered grafana.ini configmap. It is enabled by default. +# +# To pass values into grafana.ini without exposing them in a configmap, use variable expansion: +# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion +# +# Alternatively, if you wish to allow secret values to be exposed in the rendered grafana.ini configmap, +# you can disable this check by setting assertNoLeakedSecrets to false. +assertNoLeakedSecrets: true diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/.helmignore b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/Chart.yaml new file mode 100644 index 0000000..fd7620f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/Chart.yaml @@ -0,0 +1,29 @@ +annotations: + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/prometheus-community/helm-charts +apiVersion: v2 +appVersion: 2.15.0 +description: Install kube-state-metrics to generate and expose cluster-level metrics +home: https://github.com/kubernetes/kube-state-metrics/ +keywords: +- metric +- monitoring +- prometheus +- kubernetes +maintainers: +- email: tariq.ibrahim@mulesoft.com + name: tariq1890 + url: https://github.com/tariq1890 +- email: manuel@rueg.eu + name: mrueg + url: https://github.com/mrueg +- email: david@0xdc.me + name: dotdc + url: https://github.com/dotdc +name: kube-state-metrics +sources: +- https://github.com/kubernetes/kube-state-metrics/ +type: application +version: 6.0.0 diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/README.md b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/README.md new file mode 100644 index 0000000..208e1c4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/README.md @@ -0,0 +1,89 @@ +# kube-state-metrics Helm Chart + +Installs the [kube-state-metrics agent](https://github.com/kubernetes/kube-state-metrics). + +## Get Repository Info + +```console +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + + +## Install Chart + +```console +helm install [RELEASE_NAME] prometheus-community/kube-state-metrics [flags] +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] prometheus-community/kube-state-metrics [flags] +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +### Migrating from stable/kube-state-metrics and kubernetes/kube-state-metrics + +You can upgrade in-place: + +1. [get repository info](#get-repository-info) +1. [upgrade](#upgrading-chart) your existing release name using the new chart repository + +## Upgrading to v6.0.0 + +This version drops support for deprecated Pod Security Policy resources. + +## Upgrading to v3.0.0 + +v3.0.0 includes kube-state-metrics v2.0, see the [changelog](https://github.com/kubernetes/kube-state-metrics/blob/release-2.0/CHANGELOG.md) for major changes on the application-side. + +The upgraded chart now the following changes: + +* Dropped support for helm v2 (helm v3 or later is required) +* collectors key was renamed to resources +* namespace key was renamed to namespaces + +## Configuration + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments: + +```console +helm show values prometheus-community/kube-state-metrics +``` + +### kube-rbac-proxy + +You can enable `kube-state-metrics` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy one RBAC proxy container per endpoint (metrics & telemetry). +To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as: + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kube-state-metrics-read +rules: + - apiGroups: [ "" ] + resources: ["services/kube-state-metrics"] + verbs: + - get +``` + +See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details. diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/NOTES.txt b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/NOTES.txt new file mode 100644 index 0000000..3589c24 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/NOTES.txt @@ -0,0 +1,23 @@ +kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. +The exposed metrics can be found here: +https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics + +The metrics are exported on the HTTP endpoint /metrics on the listening port. +In your case, {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc.cluster.local:{{ .Values.service.port }}/metrics + +They are served either as plaintext or protobuf depending on the Accept header. +They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint. + +{{- if .Values.kubeRBACProxy.enabled}} + +kube-rbac-proxy endpoint protections is enabled: +- Metrics endpoints are now HTTPS +- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions: +``` +rules: + - apiGroups: [ "" ] + resources: ["services/{{ template "kube-state-metrics.fullname" . }}"] + verbs: + - get +``` +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/_helpers.tpl new file mode 100644 index 0000000..c8cfa56 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/_helpers.tpl @@ -0,0 +1,186 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "kube-state-metrics.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kube-state-metrics.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kube-state-metrics.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "kube-state-metrics.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "kube-state-metrics.namespace" -}} + {{- if .Values.namespaceOverride -}} + {{- .Values.namespaceOverride -}} + {{- else -}} + {{- .Release.Namespace -}} + {{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kube-state-metrics.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Generate basic labels +*/}} +{{- define "kube-state-metrics.labels" }} +helm.sh/chart: {{ template "kube-state-metrics.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/component: metrics +app.kubernetes.io/part-of: {{ template "kube-state-metrics.name" . }} +{{- include "kube-state-metrics.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +{{- if .Values.customLabels }} +{{ tpl (toYaml .Values.customLabels) . }} +{{- end }} +{{- if .Values.releaseLabel }} +release: {{ .Release.Name }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kube-state-metrics.selectorLabels" }} +{{- if .Values.selectorOverride }} +{{ toYaml .Values.selectorOverride }} +{{- else }} +app.kubernetes.io/name: {{ include "kube-state-metrics.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} +{{- end }} + +{{/* Sets default scrape limits for servicemonitor */}} +{{- define "servicemonitor.scrapeLimits" -}} +{{- with .sampleLimit }} +sampleLimit: {{ . }} +{{- end }} +{{- with .targetLimit }} +targetLimit: {{ . }} +{{- end }} +{{- with .labelLimit }} +labelLimit: {{ . }} +{{- end }} +{{- with .labelNameLengthLimit }} +labelNameLengthLimit: {{ . }} +{{- end }} +{{- with .labelValueLengthLimit }} +labelValueLengthLimit: {{ . }} +{{- end }} +{{- end -}} + +{{/* Sets default scrape limits for scrapeconfig */}} +{{- define "scrapeconfig.scrapeLimits" -}} +{{- with .sampleLimit }} +sampleLimit: {{ . }} +{{- end }} +{{- with .targetLimit }} +targetLimit: {{ . }} +{{- end }} +{{- with .labelLimit }} +labelLimit: {{ . }} +{{- end }} +{{- with .labelNameLengthLimit }} +labelNameLengthLimit: {{ . }} +{{- end }} +{{- with .labelValueLengthLimit }} +labelValueLengthLimit: {{ . }} +{{- end }} +{{- end -}} + +{{/* +Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets}) +*/}} +{{- define "kube-state-metrics.imagePullSecrets" -}} +{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }} + {{- if eq (typeOf .) "map[string]interface {}" }} +- {{ toYaml . | trim }} + {{- else }} +- name: {{ . }} + {{- end }} +{{- end }} +{{- end -}} + +{{/* +The image to use for kube-state-metrics +*/}} +{{- define "kube-state-metrics.image" -}} +{{- if .Values.image.sha }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }} +{{- else }} +{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }} +{{- end }} +{{- else }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} +{{- else }} +{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +The image to use for kubeRBACProxy +*/}} +{{- define "kubeRBACProxy.image" -}} +{{- if .Values.kubeRBACProxy.image.sha }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }} +{{- else }} +{{- printf "%s/%s:%s@%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }} +{{- end }} +{{- else }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }} +{{- else }} +{{- printf "%s/%s:%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +The name of the ConfigMap for the customResourceState config. +*/}} +{{- define "kube-state-metrics.crsConfigMapName" -}} + {{- if ne .Values.customResourceState.name "" }} + {{- .Values.customResourceState.name }} + {{- else }} + {{- template "kube-state-metrics.fullname" . }}-customresourcestate-config + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml new file mode 100644 index 0000000..025cd47 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "cilium") }} +apiVersion: cilium.io/v2 +kind: CiliumNetworkPolicy +metadata: + {{- if .Values.annotations }} + annotations: + {{ toYaml .Values.annotations | nindent 4 }} + {{- end }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} +spec: + endpointSelector: + matchLabels: + {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} + egress: + {{- if and .Values.networkPolicy.cilium .Values.networkPolicy.cilium.kubeApiServerSelector }} + {{ toYaml .Values.networkPolicy.cilium.kubeApiServerSelector | nindent 6 }} + {{- else }} + - toEntities: + - kube-apiserver + {{- end }} + ingress: + - toPorts: + - ports: + - port: {{ .Values.service.port | quote }} + protocol: TCP + {{- if .Values.selfMonitor.enabled }} + - port: {{ .Values.selfMonitor.telemetryPort | default 8081 | quote }} + protocol: TCP + {{ end }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/clusterrolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/clusterrolebinding.yaml new file mode 100644 index 0000000..cf9f628 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.rbac.useClusterRole -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + name: {{ template "kube-state-metrics.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole +{{- if .Values.rbac.useExistingRole }} + name: {{ .Values.rbac.useExistingRole }} +{{- else }} + name: {{ template "kube-state-metrics.fullname" . }} +{{- end }} +subjects: +- kind: ServiceAccount + name: {{ template "kube-state-metrics.serviceAccountName" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/crs-configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/crs-configmap.yaml new file mode 100644 index 0000000..e64c4a7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/crs-configmap.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.customResourceState.enabled .Values.customResourceState.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kube-state-metrics.crsConfigMapName" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + {{- if .Values.annotations }} + annotations: + {{ toYaml .Values.annotations | nindent 4 }} + {{- end }} +data: + {{ .Values.customResourceState.key }}: | + {{- toYaml .Values.customResourceState.config | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/deployment.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/deployment.yaml new file mode 100644 index 0000000..e50d3ad --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/deployment.yaml @@ -0,0 +1,375 @@ +apiVersion: apps/v1 +{{- if .Values.autosharding.enabled }} +kind: StatefulSet +{{- else }} +kind: Deployment +{{- end }} +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + {{- with .Values.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} + replicas: {{ .Values.replicas }} + {{- if not .Values.autosharding.enabled }} + strategy: + type: {{ .Values.updateStrategy | default "RollingUpdate" }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- if .Values.autosharding.enabled }} + serviceName: {{ template "kube-state-metrics.fullname" . }} + volumeClaimTemplates: [] + {{- end }} + template: + metadata: + labels: + {{- include "kube-state-metrics.labels" . | indent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.podAnnotations }} + annotations: + {{ toYaml .Values.podAnnotations | nindent 8 }} + {{- end }} + spec: + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + hostNetwork: {{ .Values.hostNetwork }} + serviceAccountName: {{ template "kube-state-metrics.serviceAccountName" . }} + {{- if .Values.securityContext.enabled }} + securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- with .Values.initContainers }} + initContainers: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if .Values.dnsConfig }} + dnsConfig: {{ toYaml .Values.dnsConfig | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.dnsPolicy }} + containers: + {{- $servicePort := ternary 9090 (.Values.service.port | default 8080) .Values.kubeRBACProxy.enabled}} + {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}} + - name: {{ template "kube-state-metrics.name" . }} + {{- if .Values.autosharding.enabled }} + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.env }} + {{- toYaml .Values.env | nindent 8 }} + {{- end }} + {{ else }} + {{- if .Values.env }} + env: + {{- toYaml .Values.env | nindent 8 }} + {{- end }} + {{- end }} + args: + {{- if .Values.extraArgs }} + {{- .Values.extraArgs | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.kubeRBACProxy.enabled }} + - --host=127.0.0.1 + {{- end }} + - --port={{ $servicePort }} + {{- if .Values.collectors }} + - --resources={{ .Values.collectors | join "," }} + {{- end }} + {{- if .Values.metricLabelsAllowlist }} + - --metric-labels-allowlist={{ .Values.metricLabelsAllowlist | join "," }} + {{- end }} + {{- if .Values.metricAnnotationsAllowList }} + - --metric-annotations-allowlist={{ .Values.metricAnnotationsAllowList | join "," }} + {{- end }} + {{- if .Values.metricAllowlist }} + - --metric-allowlist={{ .Values.metricAllowlist | join "," }} + {{- end }} + {{- if .Values.metricDenylist }} + - --metric-denylist={{ .Values.metricDenylist | join "," }} + {{- end }} + {{- $namespaces := list }} + {{- if .Values.namespaces }} + {{- range $ns := join "," .Values.namespaces | split "," }} + {{- $namespaces = append $namespaces (tpl $ns $) }} + {{- end }} + {{- end }} + {{- if .Values.releaseNamespace }} + {{- $namespaces = append $namespaces ( include "kube-state-metrics.namespace" . ) }} + {{- end }} + {{- if $namespaces }} + - --namespaces={{ $namespaces | mustUniq | join "," }} + {{- end }} + {{- if .Values.namespacesDenylist }} + - --namespaces-denylist={{ tpl (.Values.namespacesDenylist | join ",") $ }} + {{- end }} + {{- if .Values.autosharding.enabled }} + - --pod=$(POD_NAME) + - --pod-namespace=$(POD_NAMESPACE) + {{- end }} + {{- if .Values.kubeconfig.enabled }} + - --kubeconfig=/opt/k8s/.kube/config + {{- end }} + {{- if .Values.kubeRBACProxy.enabled }} + - --telemetry-host=127.0.0.1 + - --telemetry-port={{ $telemetryPort }} + {{- else }} + {{- if .Values.selfMonitor.telemetryHost }} + - --telemetry-host={{ .Values.selfMonitor.telemetryHost }} + {{- end }} + {{- if .Values.selfMonitor.telemetryPort }} + - --telemetry-port={{ $telemetryPort }} + {{- end }} + {{- end }} + {{- if .Values.customResourceState.enabled }} + - --custom-resource-state-config-file=/etc/customresourcestate/{{ .Values.customResourceState.key }} + {{- end }} + {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }} + volumeMounts: + {{- if .Values.kubeconfig.enabled }} + - name: kubeconfig + mountPath: /opt/k8s/.kube/ + readOnly: true + {{- end }} + {{- if .Values.customResourceState.enabled }} + - name: customresourcestate-config + mountPath: /etc/customresourcestate + readOnly: true + {{- end }} + {{- if .Values.volumeMounts }} +{{ toYaml .Values.volumeMounts | indent 8 }} + {{- end }} + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + image: {{ include "kube-state-metrics.image" . }} + {{- if eq .Values.kubeRBACProxy.enabled false }} + ports: + - containerPort: {{ .Values.service.port | default 8080}} + name: "http" + {{- if .Values.selfMonitor.enabled }} + - containerPort: {{ $telemetryPort }} + name: "metrics" + {{- end }} + {{- end }} + {{- if not .Values.kubeRBACProxy.enabled }} + {{- if .Values.startupProbe.enabled }} + startupProbe: + failureThreshold: {{ .Values.startupProbe.failureThreshold }} + httpGet: + {{- if .Values.hostNetwork }} + host: 127.0.0.1 + {{- end }} + httpHeaders: + {{- range $_, $header := .Values.startupProbe.httpGet.httpHeaders }} + - name: {{ $header.name }} + value: {{ $header.value }} + {{- end }} + path: /healthz + {{- if .Values.kubeRBACProxy.enabled }} + port: {{ .Values.service.port | default 8080 }} + scheme: HTTPS + {{- else }} + port: {{ $servicePort }} + scheme: {{ upper .Values.startupProbe.httpGet.scheme }} + {{- end }} + initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.startupProbe.periodSeconds }} + successThreshold: {{ .Values.startupProbe.successThreshold }} + timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} + {{- end }} + livenessProbe: + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + httpGet: + {{- if .Values.hostNetwork }} + host: 127.0.0.1 + {{- end }} + httpHeaders: + {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }} + - name: {{ $header.name }} + value: {{ $header.value }} + {{- end }} + path: /livez + {{- if .Values.kubeRBACProxy.enabled }} + port: {{ .Values.service.port | default 8080 }} + scheme: HTTPS + {{- else }} + port: {{ $servicePort }} + scheme: {{ upper .Values.livenessProbe.httpGet.scheme }} + {{- end }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + readinessProbe: + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + httpGet: + {{- if .Values.hostNetwork }} + host: 127.0.0.1 + {{- end }} + httpHeaders: + {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }} + - name: {{ $header.name }} + value: {{ $header.value }} + {{- end }} + path: /readyz + {{- if .Values.kubeRBACProxy.enabled }} + port: {{ .Values.selfMonitor.telemetryPort | default 8081 }} + scheme: HTTPS + {{- else }} + port: {{ $telemetryPort }} + scheme: {{ upper .Values.readinessProbe.httpGet.scheme }} + {{- end }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 10 }} +{{- if .Values.containerSecurityContext }} + securityContext: +{{ toYaml .Values.containerSecurityContext | indent 10 }} +{{- end }} + {{- if .Values.kubeRBACProxy.enabled }} + - name: kube-rbac-proxy-http + args: + {{- if .Values.kubeRBACProxy.extraArgs }} + {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} + {{- end }} + - --secure-listen-address=:{{ .Values.service.port | default 8080}} + - --upstream=http://127.0.0.1:{{ $servicePort }}/ + - --proxy-endpoints-port=8888 + - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml + volumeMounts: + - name: kube-rbac-proxy-config + mountPath: /etc/kube-rbac-proxy-config + {{- with .Values.kubeRBACProxy.volumeMounts }} + {{- toYaml . | nindent 10 }} + {{- end }} + imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} + image: {{ include "kubeRBACProxy.image" . }} + ports: + - containerPort: {{ .Values.service.port | default 8080}} + name: "http" + - containerPort: 8888 + name: "http-healthz" + readinessProbe: + httpGet: + scheme: HTTPS + port: 8888 + path: healthz + initialDelaySeconds: 5 + timeoutSeconds: 5 + {{- if .Values.kubeRBACProxy.resources }} + resources: +{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} +{{- end }} +{{- if .Values.kubeRBACProxy.containerSecurityContext }} + securityContext: +{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} +{{- end }} + {{- if .Values.selfMonitor.enabled }} + - name: kube-rbac-proxy-telemetry + args: + {{- if .Values.kubeRBACProxy.extraArgs }} + {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} + {{- end }} + - --secure-listen-address=:{{ .Values.selfMonitor.telemetryPort | default 8081 }} + - --upstream=http://127.0.0.1:{{ $telemetryPort }}/ + - --proxy-endpoints-port=8889 + - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml + volumeMounts: + - name: kube-rbac-proxy-config + mountPath: /etc/kube-rbac-proxy-config + {{- with .Values.kubeRBACProxy.volumeMounts }} + {{- toYaml . | nindent 10 }} + {{- end }} + imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} + image: {{ include "kubeRBACProxy.image" . }} + ports: + - containerPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }} + name: "metrics" + - containerPort: 8889 + name: "metrics-healthz" + readinessProbe: + httpGet: + scheme: HTTPS + port: 8889 + path: healthz + initialDelaySeconds: 5 + timeoutSeconds: 5 + {{- if .Values.kubeRBACProxy.resources }} + resources: +{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} +{{- end }} +{{- if .Values.kubeRBACProxy.containerSecurityContext }} + securityContext: +{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} +{{- end }} + {{- end }} + {{- end }} + {{- with .Values.containers }} + {{- toYaml . | nindent 6 }} + {{- end }} +{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: + {{- if kindIs "map" .Values.affinity }} + {{- toYaml .Values.affinity | nindent 8 }} + {{- else }} + {{- tpl .Values.affinity $ | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ tpl (toYaml .) $ | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ tpl (toYaml .) $ | indent 8 }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: +{{ toYaml .Values.topologySpreadConstraints | indent 8 }} + {{- end }} + {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }} + volumes: + {{- if .Values.kubeconfig.enabled}} + - name: kubeconfig + secret: + secretName: {{ template "kube-state-metrics.fullname" . }}-kubeconfig + {{- end }} + {{- if .Values.kubeRBACProxy.enabled}} + - name: kube-rbac-proxy-config + configMap: + name: {{ template "kube-state-metrics.fullname" . }}-rbac-config + {{- end }} + {{- if .Values.customResourceState.enabled}} + - name: customresourcestate-config + configMap: + name: {{ template "kube-state-metrics.crsConfigMapName" . }} + {{- end }} + {{- if .Values.volumes }} +{{ toYaml .Values.volumes | indent 8 }} + {{- end }} + {{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/extra-manifests.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/extra-manifests.yaml new file mode 100644 index 0000000..567f7bf --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraManifests }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/kubeconfig-secret.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/kubeconfig-secret.yaml new file mode 100644 index 0000000..6af0084 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/kubeconfig-secret.yaml @@ -0,0 +1,12 @@ +{{- if .Values.kubeconfig.enabled -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "kube-state-metrics.fullname" . }}-kubeconfig + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} +type: Opaque +data: + config: '{{ .Values.kubeconfig.secret }}' +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/networkpolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/networkpolicy.yaml new file mode 100644 index 0000000..309b38e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/networkpolicy.yaml @@ -0,0 +1,43 @@ +{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "kubernetes") }} +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + {{- if .Values.annotations }} + annotations: + {{ toYaml .Values.annotations | nindent 4 }} + {{- end }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} +spec: + {{- if .Values.networkPolicy.egress }} + ## Deny all egress by default + egress: + {{- toYaml .Values.networkPolicy.egress | nindent 4 }} + {{- end }} + ingress: + {{- if .Values.networkPolicy.ingress }} + {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} + {{- else }} + ## Allow ingress on default ports by default + - ports: + - port: {{ .Values.service.port | default 8080 }} + protocol: TCP + {{- if .Values.selfMonitor.enabled }} + {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}} + - port: {{ $telemetryPort }} + protocol: TCP + {{- end }} + {{- end }} + podSelector: + {{- if .Values.networkPolicy.podSelector }} + {{- toYaml .Values.networkPolicy.podSelector | nindent 4 }} + {{- else }} + matchLabels: + {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} + {{- end }} + policyTypes: + - Ingress + - Egress +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/pdb.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/pdb.yaml new file mode 100644 index 0000000..2d1e64b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/pdb.yaml @@ -0,0 +1,14 @@ +{{- if .Values.podDisruptionBudget -}} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} +{{ toYaml .Values.podDisruptionBudget | indent 2 }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rbac-configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rbac-configmap.yaml new file mode 100644 index 0000000..671dc9d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rbac-configmap.yaml @@ -0,0 +1,22 @@ +{{- if .Values.kubeRBACProxy.enabled}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kube-state-metrics.fullname" . }}-rbac-config + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + {{- if .Values.annotations }} + annotations: + {{ toYaml .Values.annotations | nindent 4 }} + {{- end }} +data: + config-file.yaml: |+ + authorization: + resourceAttributes: + namespace: {{ template "kube-state-metrics.namespace" . }} + apiVersion: v1 + resource: services + subresource: {{ template "kube-state-metrics.fullname" . }} + name: {{ template "kube-state-metrics.fullname" . }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/role.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/role.yaml new file mode 100644 index 0000000..4b6537b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/role.yaml @@ -0,0 +1,236 @@ +{{- if and (eq .Values.rbac.create true) (not .Values.rbac.useExistingRole) -}} +{{- range (ternary (join "," .Values.namespaces | split "," ) (list "") (eq $.Values.rbac.useClusterRole false)) }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +{{- if eq $.Values.rbac.useClusterRole false }} +kind: Role +{{- else }} +kind: ClusterRole +{{- end }} +metadata: + labels: + {{- include "kube-state-metrics.labels" $ | indent 4 }} + name: {{ template "kube-state-metrics.fullname" $ }} +{{- if eq $.Values.rbac.useClusterRole false }} + namespace: {{ . }} +{{- end }} +rules: +{{ if has "certificatesigningrequests" $.Values.collectors }} +- apiGroups: ["certificates.k8s.io"] + resources: + - certificatesigningrequests + verbs: ["list", "watch"] +{{ end -}} +{{ if has "configmaps" $.Values.collectors }} +- apiGroups: [""] + resources: + - configmaps + verbs: ["list", "watch"] +{{ end -}} +{{ if has "cronjobs" $.Values.collectors }} +- apiGroups: ["batch"] + resources: + - cronjobs + verbs: ["list", "watch"] +{{ end -}} +{{ if has "daemonsets" $.Values.collectors }} +- apiGroups: ["apps"] + resources: + - daemonsets + verbs: ["list", "watch"] +{{ end -}} +{{ if has "deployments" $.Values.collectors }} +- apiGroups: ["apps"] + resources: + - deployments + verbs: ["list", "watch"] +{{ end -}} +{{ if has "endpoints" $.Values.collectors }} +- apiGroups: [""] + resources: + - endpoints + verbs: ["list", "watch"] +{{ end -}} +{{ if has "endpointslices" $.Values.collectors }} +- apiGroups: ["discovery.k8s.io"] + resources: + - endpointslices + verbs: ["list", "watch"] +{{ end -}} +{{ if has "horizontalpodautoscalers" $.Values.collectors }} +- apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: ["list", "watch"] +{{ end -}} +{{ if has "ingresses" $.Values.collectors }} +- apiGroups: ["networking.k8s.io"] + resources: + - ingresses + verbs: ["list", "watch"] +{{ end -}} +{{ if has "jobs" $.Values.collectors }} +- apiGroups: ["batch"] + resources: + - jobs + verbs: ["list", "watch"] +{{ end -}} +{{ if has "leases" $.Values.collectors }} +- apiGroups: ["coordination.k8s.io"] + resources: + - leases + verbs: ["list", "watch"] +{{ end -}} +{{ if has "limitranges" $.Values.collectors }} +- apiGroups: [""] + resources: + - limitranges + verbs: ["list", "watch"] +{{ end -}} +{{ if has "mutatingwebhookconfigurations" $.Values.collectors }} +- apiGroups: ["admissionregistration.k8s.io"] + resources: + - mutatingwebhookconfigurations + verbs: ["list", "watch"] +{{ end -}} +{{ if has "namespaces" $.Values.collectors }} +- apiGroups: [""] + resources: + - namespaces + verbs: ["list", "watch"] +{{ end -}} +{{ if has "networkpolicies" $.Values.collectors }} +- apiGroups: ["networking.k8s.io"] + resources: + - networkpolicies + verbs: ["list", "watch"] +{{ end -}} +{{ if has "ingressclasses" $.Values.collectors }} +- apiGroups: ["networking.k8s.io"] + resources: + - ingressclasses + verbs: ["list", "watch"] +{{ end -}} +{{ if has "clusterrolebindings" $.Values.collectors }} +- apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterrolebindings + verbs: ["list", "watch"] +{{ end -}} +{{ if has "clusterroles" $.Values.collectors }} +- apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterroles + verbs: ["list", "watch"] +{{ end -}} +{{ if has "roles" $.Values.collectors }} +- apiGroups: ["rbac.authorization.k8s.io"] + resources: + - roles + verbs: ["list", "watch"] +{{ end -}} +{{ if has "nodes" $.Values.collectors }} +- apiGroups: [""] + resources: + - nodes + verbs: ["list", "watch"] +{{ end -}} +{{ if has "persistentvolumeclaims" $.Values.collectors }} +- apiGroups: [""] + resources: + - persistentvolumeclaims + verbs: ["list", "watch"] +{{ end -}} +{{ if has "persistentvolumes" $.Values.collectors }} +- apiGroups: [""] + resources: + - persistentvolumes + verbs: ["list", "watch"] +{{ end -}} +{{ if has "poddisruptionbudgets" $.Values.collectors }} +- apiGroups: ["policy"] + resources: + - poddisruptionbudgets + verbs: ["list", "watch"] +{{ end -}} +{{ if has "pods" $.Values.collectors }} +- apiGroups: [""] + resources: + - pods + verbs: ["list", "watch"] +{{ end -}} +{{ if has "replicasets" $.Values.collectors }} +- apiGroups: ["apps"] + resources: + - replicasets + verbs: ["list", "watch"] +{{ end -}} +{{ if has "replicationcontrollers" $.Values.collectors }} +- apiGroups: [""] + resources: + - replicationcontrollers + verbs: ["list", "watch"] +{{ end -}} +{{ if has "resourcequotas" $.Values.collectors }} +- apiGroups: [""] + resources: + - resourcequotas + verbs: ["list", "watch"] +{{ end -}} +{{ if has "secrets" $.Values.collectors }} +- apiGroups: [""] + resources: + - secrets + verbs: ["list", "watch"] +{{ end -}} +{{ if has "services" $.Values.collectors }} +- apiGroups: [""] + resources: + - services + verbs: ["list", "watch"] +{{ end -}} +{{ if has "statefulsets" $.Values.collectors }} +- apiGroups: ["apps"] + resources: + - statefulsets + verbs: ["list", "watch"] +{{ end -}} +{{ if has "storageclasses" $.Values.collectors }} +- apiGroups: ["storage.k8s.io"] + resources: + - storageclasses + verbs: ["list", "watch"] +{{ end -}} +{{ if has "validatingwebhookconfigurations" $.Values.collectors }} +- apiGroups: ["admissionregistration.k8s.io"] + resources: + - validatingwebhookconfigurations + verbs: ["list", "watch"] +{{ end -}} +{{ if has "volumeattachments" $.Values.collectors }} +- apiGroups: ["storage.k8s.io"] + resources: + - volumeattachments + verbs: ["list", "watch"] +{{ end -}} +{{- if $.Values.kubeRBACProxy.enabled }} +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] +- apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] +{{- end }} +{{- if $.Values.customResourceState.enabled }} +- apiGroups: ["apiextensions.k8s.io"] + resources: + - customresourcedefinitions + verbs: ["list", "watch"] +{{- end }} +{{ if $.Values.rbac.extraRules }} +{{ toYaml $.Values.rbac.extraRules }} +{{ end }} +{{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rolebinding.yaml new file mode 100644 index 0000000..330651b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/rolebinding.yaml @@ -0,0 +1,24 @@ +{{- if and (eq .Values.rbac.create true) (eq .Values.rbac.useClusterRole false) -}} +{{- range (join "," $.Values.namespaces) | split "," }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{- include "kube-state-metrics.labels" $ | indent 4 }} + name: {{ template "kube-state-metrics.fullname" $ }} + namespace: {{ . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role +{{- if (not $.Values.rbac.useExistingRole) }} + name: {{ template "kube-state-metrics.fullname" $ }} +{{- else }} + name: {{ $.Values.rbac.useExistingRole }} +{{- end }} +subjects: +- kind: ServiceAccount + name: {{ template "kube-state-metrics.serviceAccountName" $ }} + namespace: {{ template "kube-state-metrics.namespace" $ }} +{{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/scrapeconfig.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/scrapeconfig.yaml new file mode 100644 index 0000000..028f3d1 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/scrapeconfig.yaml @@ -0,0 +1,60 @@ +{{- if .Values.prometheus.scrapeconfig.enabled }} +apiVersion: monitoring.coreos.com/v1alpha1 +kind: ScrapeConfig +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + {{- with .Values.prometheus.scrapeconfig.additionalLabels }} + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with .Values.prometheus.scrapeconfig.annotations }} + annotations: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +spec: + {{- include "scrapeconfig.scrapeLimits" .Values.prometheus.scrapeconfig | indent 2 }} + staticConfigs: + - targets: + - {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc:{{ .Values.service.port }} + {{- if .Values.prometheus.scrapeconfig.staticConfigLabels}} + labels: + {{- with .Values.prometheus.scrapeconfig.staticConfigLabels }} + {{- tpl (toYaml . | nindent 8) $ }} + {{- end }} + {{- end }} +{{- if .Values.prometheus.scrapeconfig.jobName }} + jobName: {{ .Values.prometheus.scrapeconfig.jobName }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.honorLabels }} + honorLabels: true +{{- end }} +{{- if .Values.prometheus.scrapeconfig.scrapeInterval }} + scrapeInterval: {{ .Values.prometheus.scrapeconfig.scrapeInterval }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.scrapeconfig.scrapeTimeout }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.proxyUrl }} + proxyUrl: {{ .Values.prometheus.scrapeconfig.proxyUrl }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.enableHttp2 }} + enableHttp2: {{ .Values.prometheus.scrapeconfig.enableHttp2 }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.metricRelabelings }} + metricRelabelings: + {{- toYaml .Values.prometheus.scrapeconfig.metricRelabelings | nindent 4 }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.relabelings }} + relabelings: + {{- toYaml .Values.prometheus.scrapeconfig.relabelings | nindent 4 }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.scheme }} + scheme: {{ .Values.prometheus.scrapeconfig.scheme }} +{{- end }} +{{- if .Values.prometheus.scrapeconfig.tlsConfig }} + tlsConfig: + {{- toYaml (.Values.prometheus.scrapeconfig.tlsConfig ) | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/service.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/service.yaml new file mode 100644 index 0000000..d65fc3a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/service.yaml @@ -0,0 +1,53 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + annotations: + {{- if .Values.prometheusScrape }} + prometheus.io/scrape: '{{ .Values.prometheusScrape }}' + {{- end }} + {{- if .Values.service.annotations }} + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} +spec: + type: "{{ .Values.service.type }}" + {{- if .Values.service.ipDualStack.enabled }} + ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} + ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} + {{- end }} + ports: + - name: "http" + protocol: TCP + port: {{ .Values.service.port | default 8080}} + {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + targetPort: {{ .Values.service.port | default 8080}} + {{ if .Values.selfMonitor.enabled }} + - name: "metrics" + protocol: TCP + port: {{ .Values.selfMonitor.telemetryPort | default 8081 }} + targetPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }} + {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} + nodePort: {{ .Values.selfMonitor.telemetryNodePort }} + {{- end }} + {{ end }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: "{{ .Values.service.loadBalancerIP }}" +{{- end }} +{{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} +{{- if .Values.autosharding.enabled }} + clusterIP: None +{{- else if .Values.service.clusterIP }} + clusterIP: "{{ .Values.service.clusterIP }}" +{{- end }} + selector: + {{- include "kube-state-metrics.selectorLabels" . | indent 4 }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/serviceaccount.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/serviceaccount.yaml new file mode 100644 index 0000000..c302bc7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +metadata: + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + name: {{ template "kube-state-metrics.serviceAccountName" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} +{{- if .Values.serviceAccount.annotations }} + annotations: +{{ toYaml .Values.serviceAccount.annotations | indent 4 }} +{{- end }} +{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} +{{- end }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/servicemonitor.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/servicemonitor.yaml new file mode 100644 index 0000000..99d7fa9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/servicemonitor.yaml @@ -0,0 +1,120 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} + {{- with .Values.prometheus.monitor.additionalLabels }} + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} + {{- with .Values.prometheus.monitor.annotations }} + annotations: + {{- tpl (toYaml . | nindent 4) $ }} + {{- end }} +spec: + jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }} + {{- with .Values.prometheus.monitor.targetLabels }} + targetLabels: + {{- toYaml . | trim | nindent 4 }} + {{- end }} + {{- with .Values.prometheus.monitor.podTargetLabels }} + podTargetLabels: + {{- toYaml . | trim | nindent 4 }} + {{- end }} + {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | indent 2 }} + {{- if .Values.prometheus.monitor.namespaceSelector }} + namespaceSelector: + matchNames: + {{- with .Values.prometheus.monitor.namespaceSelector }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- end }} + selector: + matchLabels: + {{- with .Values.prometheus.monitor.selectorOverride }} + {{- toYaml . | nindent 6 }} + {{- else }} + {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} + {{- end }} + endpoints: + - port: http + {{- if or .Values.prometheus.monitor.http.interval .Values.prometheus.monitor.interval }} + interval: {{ .Values.prometheus.monitor.http.interval | default .Values.prometheus.monitor.interval }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.scrapeTimeout .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.monitor.http.scrapeTimeout | default .Values.prometheus.monitor.scrapeTimeout }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.proxyUrl .Values.prometheus.monitor.proxyUrl }} + proxyUrl: {{ .Values.prometheus.monitor.http.proxyUrl | default .Values.prometheus.monitor.proxyUrl }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.enableHttp2 .Values.prometheus.monitor.enableHttp2 }} + enableHttp2: {{ .Values.prometheus.monitor.http.enableHttp2 | default .Values.prometheus.monitor.enableHttp2 }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.honorLabels .Values.prometheus.monitor.honorLabels }} + honorLabels: true + {{- end }} + {{- if or .Values.prometheus.monitor.http.metricRelabelings .Values.prometheus.monitor.metricRelabelings }} + metricRelabelings: + {{- toYaml (.Values.prometheus.monitor.http.metricRelabelings | default .Values.prometheus.monitor.metricRelabelings) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.relabelings .Values.prometheus.monitor.relabelings }} + relabelings: + {{- toYaml (.Values.prometheus.monitor.http.relabelings | default .Values.prometheus.monitor.relabelings) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.scheme .Values.prometheus.monitor.scheme }} + scheme: {{ .Values.prometheus.monitor.http.scheme | default .Values.prometheus.monitor.scheme }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.tlsConfig .Values.prometheus.monitor.tlsConfig }} + tlsConfig: + {{- toYaml (.Values.prometheus.monitor.http.tlsConfig | default .Values.prometheus.monitor.tlsConfig) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.http.bearerTokenFile .Values.prometheus.monitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.prometheus.monitor.http.bearerTokenFile | default .Values.prometheus.monitor.bearerTokenFile }} + {{- end }} + {{- with (.Values.prometheus.monitor.http.bearerTokenSecret | default .Values.prometheus.monitor.bearerTokenSecret) }} + bearerTokenSecret: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.selfMonitor.enabled }} + - port: metrics + {{- if or .Values.prometheus.monitor.metrics.interval .Values.prometheus.monitor.interval }} + interval: {{ .Values.prometheus.monitor.metrics.interval | default .Values.prometheus.monitor.interval }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.scrapeTimeout .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.monitor.metrics.scrapeTimeout | default .Values.prometheus.monitor.scrapeTimeout }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.proxyUrl .Values.prometheus.monitor.proxyUrl }} + proxyUrl: {{ .Values.prometheus.monitor.metrics.proxyUrl | default .Values.prometheus.monitor.proxyUrl }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.enableHttp2 .Values.prometheus.monitor.enableHttp2 }} + enableHttp2: {{ .Values.prometheus.monitor.metrics.enableHttp2 | default .Values.prometheus.monitor.enableHttp2 }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.honorLabels .Values.prometheus.monitor.honorLabels }} + honorLabels: true + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.metricRelabelings .Values.prometheus.monitor.metricRelabelings }} + metricRelabelings: + {{- toYaml (.Values.prometheus.monitor.metrics.metricRelabelings | default .Values.prometheus.monitor.metricRelabelings) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.relabelings .Values.prometheus.monitor.relabelings }} + relabelings: + {{- toYaml (.Values.prometheus.monitor.metrics.relabelings | default .Values.prometheus.monitor.relabelings) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.scheme .Values.prometheus.monitor.scheme }} + scheme: {{ .Values.prometheus.monitor.metrics.scheme | default .Values.prometheus.monitor.scheme }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.tlsConfig .Values.prometheus.monitor.tlsConfig }} + tlsConfig: + {{- toYaml (.Values.prometheus.monitor.metrics.tlsConfig | default .Values.prometheus.monitor.tlsConfig) | nindent 8 }} + {{- end }} + {{- if or .Values.prometheus.monitor.metrics.bearerTokenFile .Values.prometheus.monitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.prometheus.monitor.metrics.bearerTokenFile | default .Values.prometheus.monitor.bearerTokenFile }} + {{- end }} + {{- with (.Values.prometheus.monitor.metrics.bearerTokenSecret | default .Values.prometheus.monitor.bearerTokenSecret) }} + bearerTokenSecret: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-role.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-role.yaml new file mode 100644 index 0000000..489de14 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-role.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.autosharding.enabled .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get +- apiGroups: + - apps + resourceNames: + - {{ template "kube-state-metrics.fullname" . }} + resources: + - statefulsets + verbs: + - get + - list + - watch +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml new file mode 100644 index 0000000..73b37a4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.autosharding.enabled .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "kube-state-metrics.serviceAccountName" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml new file mode 100644 index 0000000..f46305b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml @@ -0,0 +1,44 @@ +{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ template "kube-state-metrics.fullname" . }} + namespace: {{ template "kube-state-metrics.namespace" . }} + labels: + {{- include "kube-state-metrics.labels" . | indent 4 }} +spec: + {{- with .Values.verticalPodAutoscaler.recommenders }} + recommenders: + {{- toYaml . | nindent 4 }} + {{- end }} + resourcePolicy: + containerPolicies: + - containerName: {{ template "kube-state-metrics.name" . }} + {{- with .Values.verticalPodAutoscaler.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.controlledValues }} + controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.maxAllowed }} + maxAllowed: + {{ toYaml .Values.verticalPodAutoscaler.maxAllowed | nindent 8 }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.minAllowed }} + minAllowed: + {{ toYaml .Values.verticalPodAutoscaler.minAllowed | nindent 8 }} + {{- end }} + targetRef: + apiVersion: apps/v1 + {{- if .Values.autosharding.enabled }} + kind: StatefulSet + {{- else }} + kind: Deployment + {{- end }} + name: {{ template "kube-state-metrics.fullname" . }} + {{- with .Values.verticalPodAutoscaler.updatePolicy }} + updatePolicy: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/values.yaml b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/values.yaml new file mode 100644 index 0000000..0f2027c --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/kube-state-metrics/values.yaml @@ -0,0 +1,601 @@ +# Default values for kube-state-metrics. +prometheusScrape: true +image: + registry: registry.k8s.io + repository: kube-state-metrics/kube-state-metrics + # If unset use v + .Charts.appVersion + tag: "" + sha: "" + pullPolicy: IfNotPresent + +imagePullSecrets: [] +# - name: "image-pull-secret" + +global: + # To help compatibility with other charts which use global.imagePullSecrets. + # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). + # global: + # imagePullSecrets: + # - name: pullSecret1 + # - name: pullSecret2 + # or + # global: + # imagePullSecrets: + # - pullSecret1 + # - pullSecret2 + imagePullSecrets: [] + # + # Allow parent charts to override registry hostname + imageRegistry: "" + +# If set to true, this will deploy kube-state-metrics as a StatefulSet and the data +# will be automatically sharded across <.Values.replicas> pods using the built-in +# autodiscovery feature: https://github.com/kubernetes/kube-state-metrics#automated-sharding +# This is an experimental feature and there are no stability guarantees. +autosharding: + enabled: false + +replicas: 1 + +# Change the deployment strategy when autosharding is disabled. +# ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy +# The default is "RollingUpdate" as per Kubernetes defaults. +# During a release, 'RollingUpdate' can lead to two running instances for a short period of time while 'Recreate' can create a small gap in data. +# updateStrategy: Recreate + +# Number of old history to retain to allow rollback +# Default Kubernetes value is set to 10 +revisionHistoryLimit: 10 + +# List of additional cli arguments to configure kube-state-metrics +# for example: --enable-gzip-encoding, --log-file, etc. +# all the possible args can be found here: https://github.com/kubernetes/kube-state-metrics/blob/master/docs/cli-arguments.md +extraArgs: [] + +# If false then the user will opt out of automounting API credentials. +automountServiceAccountToken: true + +service: + port: 8080 + # Default to clusterIP for backward compatibility + type: ClusterIP + ipDualStack: + enabled: false + ipFamilies: ["IPv6", "IPv4"] + ipFamilyPolicy: "PreferDualStack" + nodePort: 0 + loadBalancerIP: "" + # Only allow access to the loadBalancerIP from these IPs + loadBalancerSourceRanges: [] + clusterIP: "" + annotations: {} + +## Additional labels to add to all resources +customLabels: {} + # app: kube-state-metrics + +## Override selector labels +selectorOverride: {} + +## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box +releaseLabel: false + +hostNetwork: false + +rbac: + # If true, create & use RBAC resources + create: true + + # Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to it, rolename set here. + # useExistingRole: your-existing-role + + # If set to false - Run without Cluteradmin privs needed - ONLY works if namespace is also set (if useExistingRole is set this name is used as ClusterRole or Role to bind to) + useClusterRole: true + + # Add permissions for CustomResources' apiGroups in Role/ClusterRole. Should be used in conjunction with Custom Resource State Metrics configuration + # Example: + # - apiGroups: ["monitoring.coreos.com"] + # resources: ["prometheuses"] + # verbs: ["list", "watch"] + extraRules: [] + +# Configure kube-rbac-proxy. When enabled, creates one kube-rbac-proxy container per exposed HTTP endpoint (metrics and telemetry if enabled). +# The requests are served through the same service but requests are then HTTPS. +kubeRBACProxy: + enabled: false + image: + registry: quay.io + repository: brancz/kube-rbac-proxy + tag: v0.19.1 + sha: "" + pullPolicy: IfNotPresent + + # List of additional cli arguments to configure kube-rbac-prxy + # for example: --tls-cipher-suites, --log-file, etc. + # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage + extraArgs: [] + + ## Specify security settings for a Container + ## Allows overrides and additional options compared to (Pod) securityContext + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + containerSecurityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## volumeMounts enables mounting custom volumes in rbac-proxy containers + ## Useful for TLS certificates and keys + volumeMounts: [] + # - mountPath: /etc/tls + # name: kube-rbac-proxy-tls + # readOnly: true + +serviceAccount: + # Specifies whether a ServiceAccount should be created, require rbac true + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + # Reference to one or more secrets to be used when pulling images + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + imagePullSecrets: [] + # ServiceAccount annotations. + # Use case: AWS EKS IAM roles for service accounts + # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html + annotations: {} + # If false then the user will opt out of automounting API credentials. + automountServiceAccountToken: true + +# Additional Environment variables +env: [] + # - name: GOMAXPROCS + # valueFrom: + # resourceFieldRef: + # resource: limits.cpu + +prometheus: + monitor: + enabled: false + annotations: {} + additionalLabels: {} + namespace: "" + namespaceSelector: [] + jobLabel: "" + targetLabels: [] + podTargetLabels: [] + ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + ## + sampleLimit: 0 + + ## TargetLimit defines a limit on the number of scraped targets that will be accepted. + ## + targetLimit: 0 + + ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelLimit: 0 + + ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelNameLengthLimit: 0 + + ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelValueLengthLimit: 0 + selectorOverride: {} + + ## kube-state-metrics endpoint + http: + interval: "" + scrapeTimeout: "" + proxyUrl: "" + ## Whether to enable HTTP2 for servicemonitor + enableHttp2: false + honorLabels: false + metricRelabelings: [] + relabelings: [] + scheme: "" + ## File to read bearer token for scraping targets + bearerTokenFile: "" + ## Secret to mount to read bearer token for scraping targets. The secret needs + ## to be in the same namespace as the service monitor and accessible by the + ## Prometheus Operator + bearerTokenSecret: {} + # name: secret-name + # key: key-name + tlsConfig: {} + + ## selfMonitor endpoint + metrics: + interval: "" + scrapeTimeout: "" + proxyUrl: "" + ## Whether to enable HTTP2 for servicemonitor + enableHttp2: false + honorLabels: false + metricRelabelings: [] + relabelings: [] + scheme: "" + ## File to read bearer token for scraping targets + bearerTokenFile: "" + ## Secret to mount to read bearer token for scraping targets. The secret needs + ## to be in the same namespace as the service monitor and accessible by the + ## Prometheus Operator + bearerTokenSecret: {} + # name: secret-name + # key: key-name + tlsConfig: {} + ## Create a scrapeConfig resource for scraping the kube-state-metrics service. Use this instead of serviceMonitor + ## to have more instances of kube-state-metrics safety. + scrapeconfig: + ## To avoid duplicate metrics, first disable the serviceMonitor creation via prometheus.monitor.enabled=false + enabled: false + annotations: {} + additionalLabels: {} + jobName: kube-state-metrics + ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + ## + sampleLimit: 0 + + ## TargetLimit defines a limit on the number of scraped targets that will be accepted. + ## + targetLimit: 0 + + ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelLimit: 0 + + ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelNameLengthLimit: 0 + + ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelValueLengthLimit: 0 + + ## StaticConfigLabels defines the labels to be used in the Prometheus static configuration for scraping. + staticConfigLabels: {} + scrapeInterval: "" + scrapeTimeout: "" + proxyUrl: "" + ## Whether to enable HTTP2 for scrapeconfig + enableHttp2: false + honorLabels: true + metricRelabelings: [] + relabelings: [] + scheme: "" + tlsConfig: {} + +## Configure network policy for kube-state-metrics +networkPolicy: + enabled: false + # networkPolicy.flavor -- Flavor of the network policy to use. + # Can be: + # * kubernetes for networking.k8s.io/v1/NetworkPolicy + # * cilium for cilium.io/v2/CiliumNetworkPolicy + flavor: kubernetes + + ## Configure the cilium network policy kube-apiserver selector + # cilium: + # kubeApiServerSelector: + # - toEntities: + # - kube-apiserver + + # egress: + # - {} + # ingress: + # - {} + # podSelector: + # matchLabels: + # app.kubernetes.io/name: kube-state-metrics + +securityContext: + enabled: true + runAsGroup: 65534 + runAsUser: 65534 + fsGroup: 65534 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + +## Specify security settings for a Container +## Allows overrides and additional options compared to (Pod) securityContext +## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +containerSecurityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +nodeSelector: {} + +## Affinity settings for pod assignment +## Can be defined as either a dict or string. String is useful for `tpl` templating. +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +affinity: {} +# affinity: | +# podAntiAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# - labelSelector: +# matchLabels: +# {{- include "kube-state-metrics.selectorLabels" . | indent 10 }} +# topologyKey: kubernetes.io/hostname + +## Tolerations for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +## Topology spread constraints for pod assignment +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +topologySpreadConstraints: [] + +# Annotations to be added to the deployment/statefulset +annotations: {} + +# Labels to be added to the deployment/statefulset +labels: {} + +# Annotations to be added to the pod +podAnnotations: {} + +# Labels to be added to the pod +podLabels: {} + +## Assign a PriorityClassName to pods if set +# priorityClassName: "" + +# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +podDisruptionBudget: {} + +# Comma-separated list of metrics to be exposed. +# This list comprises of exact metric names and/or regex patterns. +# The allowlist and denylist are mutually exclusive. +metricAllowlist: [] + +# Comma-separated list of metrics not to be enabled. +# This list comprises of exact metric names and/or regex patterns. +# The allowlist and denylist are mutually exclusive. +metricDenylist: [] + +# Comma-separated list of additional Kubernetes label keys that will be used in the resource's +# labels metric. By default the metric contains only name and namespace labels. +# To include additional labels, provide a list of resource names in their plural form and Kubernetes +# label keys you would like to allow for them (Example: '=namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...)'. +# A single '*' can be provided per resource instead to allow any labels, but that has +# severe performance implications (Example: '=pods=[*]'). +metricLabelsAllowlist: [] + # - namespaces=[k8s-label-1,k8s-label-n] + +# Comma-separated list of Kubernetes annotations keys that will be used in the resource' +# labels metric. By default the metric contains only name and namespace labels. +# To include additional annotations provide a list of resource names in their plural form and Kubernetes +# annotation keys you would like to allow for them (Example: '=namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...)'. +# A single '*' can be provided per resource instead to allow any annotations, but that has +# severe performance implications (Example: '=pods=[*]'). +metricAnnotationsAllowList: [] + # - pods=[k8s-annotation-1,k8s-annotation-n] + +# Available collectors for kube-state-metrics. +# By default, all available resources are enabled, comment out to disable. +collectors: + - certificatesigningrequests + - configmaps + - cronjobs + - daemonsets + - deployments + - endpoints + - horizontalpodautoscalers + - ingresses + - jobs + - leases + - limitranges + - mutatingwebhookconfigurations + - namespaces + - networkpolicies + - nodes + - persistentvolumeclaims + - persistentvolumes + - poddisruptionbudgets + - pods + - replicasets + - replicationcontrollers + - resourcequotas + - secrets + - services + - statefulsets + - storageclasses + - validatingwebhookconfigurations + - volumeattachments + # - ingressclasses + # - clusterrolebindings + # - clusterroles + # - roles + +# Enabling kubeconfig will pass the --kubeconfig argument to the container +kubeconfig: + enabled: false + # base64 encoded kube-config file + secret: + +# Enabling support for customResourceState, will create a configMap including your config that will be read from kube-state-metrics +customResourceState: + # Whether to enable support for CustomResourceStateMetrics. + enabled: false + + # Whether to create the ConfigMap that holds the config. + create: true + + # Name of the ConfigMap that holds the config. If empty, name will be generated based on the release name. + name: "" + + # ConfigMap key that holds the config. + key: config.yaml + + # Definition of the CustomResourceStateMetrics. Add (Cluster)Role permissions to list/watch the resources defined in the config to rbac.extraRules. + config: {} + +# Enable only the release namespace for collecting resources. By default all namespaces are collected. +# If releaseNamespace and namespaces are both set a merged list will be collected. +releaseNamespace: false + +# Comma-separated list(string) or yaml list of namespaces to be enabled for collecting resources. By default all namespaces are collected. +namespaces: "" + +# Comma-separated list of namespaces not to be enabled. If namespaces and namespaces-denylist are both set, +# only namespaces that are excluded in namespaces-denylist will be used. +namespacesDenylist: "" + +## Override the deployment namespace +## +namespaceOverride: "" + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + +# Enable self metrics configuration for service and Service Monitor +# Default values for telemetry configuration can be overridden +# If you set telemetryNodePort, you must also set service.type to NodePort +selfMonitor: + enabled: false + # telemetryHost: 0.0.0.0 + # telemetryPort: 8081 + # telemetryNodePort: 0 + +# Enable vertical pod autoscaler support for kube-state-metrics +verticalPodAutoscaler: + enabled: false + + # Recommender responsible for generating recommendation for the object. + # List should be empty (then the default recommender will generate the recommendation) + # or contain exactly one recommender. + # recommenders: [] + # - name: custom-recommender-performance + + # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + controlledResources: [] + # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. + # controlledValues: RequestsAndLimits + + # Define the max allowed resources for the pod + maxAllowed: {} + # cpu: 200m + # memory: 100Mi + # Define the min allowed resources for the pod + minAllowed: {} + # cpu: 200m + # memory: 100Mi + + # updatePolicy: + # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction + # minReplicas: 1 + # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates + # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". + # updateMode: Auto + +# volumeMounts are used to add custom volume mounts to deployment. +# See example below +volumeMounts: [] +# - mountPath: /etc/config +# name: config-volume + +# volumes are used to add custom volumes to deployment +# See example below +volumes: [] +# - configMap: +# name: cm-for-volume +# name: config-volume + +# Extra manifests to deploy as an array +extraManifests: [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # labels: + # name: prometheus-extra + # data: + # extra-data: "value" + +## Containers allows injecting additional containers. +containers: [] + # - name: crd-init + # image: kiwigrid/k8s-sidecar:latest + +## InitContainers allows injecting additional initContainers. +initContainers: [] + # - name: crd-sidecar + # image: kiwigrid/k8s-sidecar:latest + +## dnsPolicy allows to change the default DNS configuration for the pod +## Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy +dnsPolicy: ClusterFirst + +## dnsConfig allows setting up specific DNS configuration for the pod +## Ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config +dnsConfig: {} + +## Settings for startup, liveness and readiness probes +## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ +## + +## Startup probe can optionally be enabled. +## +startupProbe: + enabled: false + failureThreshold: 3 + httpGet: + httpHeaders: [] + scheme: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + +## Liveness probe +## +livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: [] + scheme: http + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + +## Readiness probe +## +readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: [] + scheme: http + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/.helmignore b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/.helmignore new file mode 100644 index 0000000..2846d36 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +ci/ diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/Chart.yaml new file mode 100644 index 0000000..7d6cb1d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/Chart.yaml @@ -0,0 +1,28 @@ +annotations: + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/prometheus-community/helm-charts +apiVersion: v2 +appVersion: 1.9.1 +description: A Helm chart for prometheus node-exporter +home: https://github.com/prometheus/node_exporter/ +keywords: +- node-exporter +- prometheus +- exporter +maintainers: +- email: gianrubio@gmail.com + name: gianrubio + url: https://github.com/gianrubio +- email: zanhsieh@gmail.com + name: zanhsieh + url: https://github.com/zanhsieh +- email: rootsandtrees@posteo.de + name: zeritti + url: https://github.com/zeritti +name: prometheus-node-exporter +sources: +- https://github.com/prometheus/node_exporter/ +type: application +version: 4.47.0 diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/README.md b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/README.md new file mode 100644 index 0000000..fd83395 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/README.md @@ -0,0 +1,96 @@ +# Prometheus Node Exporter + +Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors. + +This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Get Repository Info + +```console +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +```console +helm install [RELEASE_NAME] prometheus-community/prometheus-node-exporter +``` + +_See [configuration](#configuring) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +### 3.x to 4.x + +Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade. + +```console +kubectl delete daemonset -l app=prometheus-node-exporter +helm upgrade -i prometheus-node-exporter prometheus-community/prometheus-node-exporter +``` + +If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels. + +### From 2.x to 3.x + +Change the following: + +```yaml +hostRootFsMount: true +``` + +to: + +```yaml +hostRootFsMount: + enabled: true + mountPropagation: HostToContainer +``` + +## Configuring + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: + +```console +helm show values prometheus-community/prometheus-node-exporter +``` + +### kube-rbac-proxy + +You can enable `prometheus-node-exporter` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy a RBAC proxy container protecting the node-exporter endpoint. +To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as: + +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: prometheus-node-exporter-read +rules: + - apiGroups: [ "" ] + resources: ["services/node-exporter-prometheus-node-exporter"] + verbs: + - get +``` + +See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details. diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/NOTES.txt b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/NOTES.txt new file mode 100644 index 0000000..db8584d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/NOTES.txt @@ -0,0 +1,29 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:9100 to use your application" + kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME 9100 +{{- end }} + +{{- if .Values.kubeRBACProxy.enabled}} + +kube-rbac-proxy endpoint protections is enabled: +- Metrics endpoints is now HTTPS +- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions: +``` +rules: + - apiGroups: [ "" ] + resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"] + verbs: + - get +``` +{{- end }} \ No newline at end of file diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/_helpers.tpl new file mode 100644 index 0000000..890c487 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/_helpers.tpl @@ -0,0 +1,237 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-node-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-node-exporter.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-node-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "prometheus-node-exporter.labels" -}} +helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/component: metrics +app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }} +{{ include "prometheus-node-exporter.selectorLabels" . }} +{{- with .Chart.AppVersion }} +app.kubernetes.io/version: {{ . | quote }} +{{- end }} +{{- with .Values.commonLabels }} +{{ tpl (toYaml .) $ }} +{{- end }} +{{- if .Values.releaseLabel }} +release: {{ .Release.Name }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "prometheus-node-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-node-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +The image to use +*/}} +{{- define "prometheus-node-exporter.image" -}} +{{- if .Values.image.sha }} +{{- fail "image.sha forbidden. Use image.digest instead" }} +{{- else if .Values.image.digest }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} +{{- else }} +{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} +{{- end }} +{{- else }} +{{- if .Values.global.imageRegistry }} +{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} +{{- else }} +{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "prometheus-node-exporter.namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Create the namespace name of the service monitor +*/}} +{{- define "prometheus-node-exporter.monitor-namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- if .Values.prometheus.monitor.namespace }} +{{- .Values.prometheus.monitor.namespace }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} +{{- end }} + +{{/* Sets default scrape limits for servicemonitor */}} +{{- define "servicemonitor.scrapeLimits" -}} +{{- with .sampleLimit }} +sampleLimit: {{ . }} +{{- end }} +{{- with .targetLimit }} +targetLimit: {{ . }} +{{- end }} +{{- with .labelLimit }} +labelLimit: {{ . }} +{{- end }} +{{- with .labelNameLengthLimit }} +labelNameLengthLimit: {{ . }} +{{- end }} +{{- with .labelValueLengthLimit }} +labelValueLengthLimit: {{ . }} +{{- end }} +{{- end }} + +{{/* +Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets}) +*/}} +{{- define "prometheus-node-exporter.imagePullSecrets" -}} +{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }} + {{- if eq (typeOf .) "map[string]interface {}" }} +- {{ toYaml . | trim }} + {{- else }} +- name: {{ . }} + {{- end }} +{{- end }} +{{- end -}} + +{{/* +Create the namespace name of the pod monitor +*/}} +{{- define "prometheus-node-exporter.podmonitor-namespace" -}} +{{- if .Values.namespaceOverride }} +{{- .Values.namespaceOverride }} +{{- else }} +{{- if .Values.prometheus.podMonitor.namespace }} +{{- .Values.prometheus.podMonitor.namespace }} +{{- else }} +{{- .Release.Namespace }} +{{- end }} +{{- end }} +{{- end }} + +{{/* Sets default scrape limits for podmonitor */}} +{{- define "podmonitor.scrapeLimits" -}} +{{- with .sampleLimit }} +sampleLimit: {{ . }} +{{- end }} +{{- with .targetLimit }} +targetLimit: {{ . }} +{{- end }} +{{- with .labelLimit }} +labelLimit: {{ . }} +{{- end }} +{{- with .labelNameLengthLimit }} +labelNameLengthLimit: {{ . }} +{{- end }} +{{- with .labelValueLengthLimit }} +labelValueLengthLimit: {{ . }} +{{- end }} +{{- end }} + +{{/* Sets sidecar volumeMounts */}} +{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}} +{{- range $_, $mount := $.Values.sidecarVolumeMount }} +- name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} +{{- end }} +{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }} +- name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} +{{- if $mount.mountPropagation }} + mountPropagation: {{ $mount.mountPropagation }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +The default node affinity to exclude +- AWS Fargate +- Azure virtual nodes +*/}} +{{- define "prometheus-node-exporter.defaultAffinity" -}} +nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: eks.amazonaws.com/compute-type + operator: NotIn + values: + - fargate + - key: type + operator: NotIn + values: + - virtual-kubelet +{{- end -}} +{{- define "prometheus-node-exporter.mergedAffinities" -}} +{{- $defaultAffinity := include "prometheus-node-exporter.defaultAffinity" . | fromYaml -}} +{{- with .Values.affinity -}} + {{- if .nodeAffinity -}} + {{- $_ := set $defaultAffinity "nodeAffinity" (mergeOverwrite $defaultAffinity.nodeAffinity .nodeAffinity) -}} + {{- end -}} + {{- if .podAffinity -}} + {{- $_ := set $defaultAffinity "podAffinity" .podAffinity -}} + {{- end -}} + {{- if .podAntiAffinity -}} + {{- $_ := set $defaultAffinity "podAntiAffinity" .podAntiAffinity -}} + {{- end -}} +{{- end -}} +{{- toYaml $defaultAffinity -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrole.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrole.yaml new file mode 100644 index 0000000..c256dba --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrole.yaml @@ -0,0 +1,19 @@ +{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} +rules: + {{- if $.Values.kubeRBACProxy.enabled }} + - apiGroups: [ "authentication.k8s.io" ] + resources: + - tokenreviews + verbs: [ "create" ] + - apiGroups: [ "authorization.k8s.io" ] + resources: + - subjectaccessreviews + verbs: [ "create" ] + {{- end }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml new file mode 100644 index 0000000..653305a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} + name: {{ template "prometheus-node-exporter.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole +{{- if .Values.rbac.useExistingRole }} + name: {{ .Values.rbac.useExistingRole }} +{{- else }} + name: {{ template "prometheus-node-exporter.fullname" . }} +{{- end }} +subjects: +- kind: ServiceAccount + name: {{ template "prometheus-node-exporter.serviceAccountName" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/daemonset.yaml new file mode 100644 index 0000000..e3ac2f1 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -0,0 +1,348 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} + {{- with .Values.daemonsetAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- with .Values.updateStrategy }} + updateStrategy: + {{- toYaml . | nindent 4 }} + {{- end }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- tpl (toYaml .) $ | nindent 8 }} + {{- end }} + spec: + automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- with .Values.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} + {{- with .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} + containers: + {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }} + - name: node-exporter + image: {{ include "prometheus-node-exporter.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + {{- if .Values.hostRootFsMount.enabled }} + - --path.rootfs=/host/root + {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }} + - --path.udev.data=/host/root/run/udev/data + {{- end }} + {{- end }} + - --web.listen-address=[$(HOST_IP)]:{{ $servicePort }} + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: HOST_IP + {{- if .Values.kubeRBACProxy.enabled }} + value: 127.0.0.1 + {{- else if .Values.service.listenOnAllInterfaces }} + value: 0.0.0.0 + {{- else }} + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + {{- end }} + {{- range $key, $value := .Values.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + {{- if eq .Values.kubeRBACProxy.enabled false }} + ports: + - name: {{ .Values.service.portName }} + containerPort: {{ .Values.service.port }} + protocol: TCP + {{- end }} + livenessProbe: + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + httpGet: + {{- if .Values.kubeRBACProxy.enabled }} + host: 127.0.0.1 + {{- end }} + httpHeaders: + {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }} + - name: {{ $header.name }} + value: {{ $header.value }} + {{- end }} + path: / + port: {{ $servicePort }} + scheme: {{ upper .Values.livenessProbe.httpGet.scheme }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + readinessProbe: + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + httpGet: + {{- if .Values.kubeRBACProxy.enabled }} + host: 127.0.0.1 + {{- end }} + httpHeaders: + {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }} + - name: {{ $header.name }} + value: {{ $header.value }} + {{- end }} + path: / + port: {{ $servicePort }} + scheme: {{ upper .Values.readinessProbe.httpGet.scheme }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} + {{- end }} + volumeMounts: + - name: proc + mountPath: /host/proc + {{- with .Values.hostProcFsMount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + readOnly: true + - name: sys + mountPath: /host/sys + {{- with .Values.hostSysFsMount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + readOnly: true + {{- if .Values.hostRootFsMount.enabled }} + - name: root + mountPath: /host/root + {{- with .Values.hostRootFsMount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + readOnly: true + {{- end }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} + {{- with $mount.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + {{- end }} + {{- range $_, $mount := .Values.sidecarVolumeMount }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: true + {{- end }} + {{- range $_, $mount := .Values.configmaps }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + {{- end }} + {{- range $_, $mount := .Values.secrets }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- range .Values.sidecars }} + {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }} + {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }} + - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }} + {{- end }} + {{- if .Values.kubeRBACProxy.enabled }} + - name: kube-rbac-proxy + args: + {{- if .Values.kubeRBACProxy.extraArgs }} + {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }} + {{- end }} + - --secure-listen-address=:{{ .Values.service.port}} + - --upstream=http://127.0.0.1:{{ $servicePort }}/ + - --proxy-endpoints-port={{ .Values.kubeRBACProxy.proxyEndpointsPort }} + - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml + {{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }} + - --tls-cert-file=/tls/private/{{ .Values.tlsSecret.certItem }} + - --tls-private-key-file=/tls/private/{{ .Values.tlsSecret.keyItem }} + {{- if and .Values.kubeRBACProxy.tls.tlsClientAuth .Values.tlsSecret.caItem }} + - --client-ca-file=/tls/private/{{ .Values.tlsSecret.caItem }} + {{- end }} + {{- end }} + volumeMounts: + - name: kube-rbac-proxy-config + mountPath: /etc/kube-rbac-proxy-config + {{- if and .Values.kubeRBACProxy.tls.enabled .Values.tlsSecret.enabled }} + - name: {{ tpl .Values.tlsSecret.volumeName . | quote }} + mountPath: /tls/private + readOnly: true + {{- end }} + {{- with .Values.kubeRBACProxy.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} + {{- if .Values.kubeRBACProxy.image.sha }} + image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}" + {{- else }} + image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}" + {{- end }} + ports: + - containerPort: {{ .Values.service.port}} + name: {{ .Values.kubeRBACProxy.portName }} + {{- if .Values.kubeRBACProxy.enableHostPort }} + hostPort: {{ .Values.service.port }} + {{- end }} + - containerPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} + {{- if .Values.kubeRBACProxy.enableProxyEndpointsHostPort }} + hostPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} + {{- end }} + name: "http-healthz" + readinessProbe: + httpGet: + scheme: HTTPS + port: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} + path: healthz + initialDelaySeconds: 5 + timeoutSeconds: 5 + {{- if .Values.kubeRBACProxy.resources }} + resources: + {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} + {{- end }} + {{- if .Values.terminationMessageParams.enabled }} + {{- with .Values.terminationMessageParams }} + terminationMessagePath: {{ .terminationMessagePath }} + terminationMessagePolicy: {{ .terminationMessagePolicy }} + {{- end }} + {{- end }} + {{- with .Values.kubeRBACProxy.env }} + env: + {{- range $key, $value := $.Values.kubeRBACProxy.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .Values.kubeRBACProxy.containerSecurityContext }} + securityContext: + {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }} + {{- end }} + {{- end }} + {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} + {{- end }} + hostNetwork: {{ .Values.hostNetwork }} + hostPID: {{ .Values.hostPID }} + hostIPC: {{ .Values.hostIPC }} + affinity: + {{- include "prometheus-node-exporter.mergedAffinities" . | nindent 8 }} + {{- with .Values.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.restartPolicy }} + restartPolicy: {{ . }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: proc + hostPath: + path: /proc + - name: sys + hostPath: + path: /sys + {{- if .Values.hostRootFsMount.enabled }} + - name: root + hostPath: + path: / + {{- end }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + hostPath: + path: {{ $mount.hostPath }} + {{- with $mount.type }} + type: {{ . }} + {{- end }} + {{- end }} + {{- range $_, $mount := .Values.sidecarVolumeMount }} + - name: {{ $mount.name }} + emptyDir: + medium: Memory + {{- end }} + {{- range $_, $mount := .Values.sidecarHostVolumeMounts }} + - name: {{ $mount.name }} + hostPath: + path: {{ $mount.hostPath }} + {{- end }} + {{- range $_, $mount := .Values.configmaps }} + - name: {{ $mount.name }} + configMap: + name: {{ $mount.name }} + {{- end }} + {{- range $_, $mount := .Values.secrets }} + - name: {{ $mount.name }} + secret: + secretName: {{ $mount.name }} + {{- end }} + {{- if .Values.kubeRBACProxy.enabled }} + - name: kube-rbac-proxy-config + configMap: + name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config + {{- end }} + {{- if .Values.tlsSecret.enabled }} + - name: {{ tpl .Values.tlsSecret.volumeName . | quote }} + secret: + secretName: {{ tpl .Values.tlsSecret.secretName . | quote }} + items: + - key: {{ required "Value tlsSecret.certItem must be set." .Values.tlsSecret.certItem | quote }} + path: {{ .Values.tlsSecret.certItem | quote }} + - key: {{ required "Value tlsSecret.keyItem must be set." .Values.tlsSecret.keyItem | quote }} + path: {{ .Values.tlsSecret.keyItem | quote }} + {{- if .Values.tlsSecret.caItem }} + - key: {{ .Values.tlsSecret.caItem | quote }} + path: {{ .Values.tlsSecret.caItem | quote }} + {{- end }} + {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/endpoints.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/endpoints.yaml new file mode 100644 index 0000000..45eeb8d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/endpoints.yaml @@ -0,0 +1,18 @@ +{{- if .Values.endpoints }} +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} +subsets: + - addresses: + {{- range .Values.endpoints }} + - ip: {{ . }} + {{- end }} + ports: + - name: {{ .Values.service.portName }} + port: 9100 + protocol: TCP +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/extra-manifests.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/extra-manifests.yaml new file mode 100644 index 0000000..2b21b71 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraManifests }} +--- +{{ tpl . $ }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/networkpolicy.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/networkpolicy.yaml new file mode 100644 index 0000000..ee40902 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/networkpolicy.yaml @@ -0,0 +1,27 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ingress: + {{- if .Values.networkPolicy.ingress }} + {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} + {{- else }} + - ports: + - port: {{ .Values.service.port }} + {{- end }} + policyTypes: + - Egress + - Ingress + podSelector: + matchLabels: + {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/podmonitor.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/podmonitor.yaml new file mode 100644 index 0000000..f88da6a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/podmonitor.yaml @@ -0,0 +1,91 @@ +{{- if .Values.prometheus.podMonitor.enabled }} +apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }} +kind: PodMonitor +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} + {{- with .Values.prometheus.podMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }} + {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }} + selector: + matchLabels: + {{- with .Values.prometheus.podMonitor.selectorOverride }} + {{- toYaml . | nindent 6 }} + {{- else }} + {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "prometheus-node-exporter.namespace" . }} + {{- with .Values.prometheus.podMonitor.attachMetadata }} + attachMetadata: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.podTargetLabels }} + podTargetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} + podMetricsEndpoints: + - port: {{ .Values.service.portName }} + {{- with .Values.prometheus.podMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.path }} + path: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.basicAuth }} + basicAuth: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.bearerTokenSecret }} + bearerTokenSecret: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.authorization }} + authorization: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.oauth2 }} + oauth2: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.honorTimestamps }} + honorTimestamps: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.honorLabels }} + honorLabels: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- with .Values.prometheus.podMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.podMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }} + filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }} + followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }} + {{- with .Values.prometheus.podMonitor.params }} + params: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/rbac-configmap.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/rbac-configmap.yaml new file mode 100644 index 0000000..814e110 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/rbac-configmap.yaml @@ -0,0 +1,16 @@ +{{- if .Values.kubeRBACProxy.enabled}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config + namespace: {{ include "prometheus-node-exporter.namespace" . }} +data: + config-file.yaml: |+ + authorization: + resourceAttributes: + namespace: {{ template "prometheus-node-exporter.namespace" . }} + apiVersion: v1 + resource: services + subresource: {{ template "prometheus-node-exporter.fullname" . }} + name: {{ template "prometheus-node-exporter.fullname" . }} +{{- end }} \ No newline at end of file diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/service.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/service.yaml new file mode 100644 index 0000000..9807c66 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/service.yaml @@ -0,0 +1,41 @@ +{{- if .Values.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} + {{- with .Values.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.service.ipDualStack.enabled }} + ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} + ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} +{{- end }} +{{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} +{{- end }} +{{- if .Values.service.internalTrafficPolicy }} + internalTrafficPolicy: {{ .Values.service.internalTrafficPolicy }} +{{- end }} + type: {{ .Values.service.type }} +{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} + clusterIP: "{{ .Values.service.clusterIP }}" +{{- end }} + ports: + - port: {{ .Values.service.servicePort | default .Values.service.port }} + {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: {{ .Values.service.portName }} + selector: + {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/serviceaccount.yaml new file mode 100644 index 0000000..462b0cd --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.rbac.create .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "prometheus-node-exporter.serviceAccountName" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} +{{- end }} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/servicemonitor.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/servicemonitor.yaml new file mode 100644 index 0000000..96ec1af --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/servicemonitor.yaml @@ -0,0 +1,65 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }} +kind: ServiceMonitor +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} + {{- with .Values.prometheus.monitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }} + {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }} + {{- with .Values.prometheus.monitor.podTargetLabels }} + podTargetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.prometheus.monitor.targetLabels }} + targetLabels: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- with .Values.prometheus.monitor.selectorOverride }} + {{- toYaml . | nindent 6 }} + {{- else }} + {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} + {{- end }} + {{- with .Values.prometheus.monitor.attachMetadata }} + attachMetadata: + {{- toYaml . | nindent 4 }} + {{- end }} + endpoints: + - port: {{ .Values.service.portName }} + scheme: {{ .Values.prometheus.monitor.scheme }} + {{- with .Values.prometheus.monitor.basicAuth }} + basicAuth: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.monitor.bearerTokenFile }} + bearerTokenFile: {{ . }} + {{- end }} + {{- with .Values.prometheus.monitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.monitor.proxyUrl }} + proxyUrl: {{ . }} + {{- end }} + {{- with .Values.prometheus.monitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- with .Values.prometheus.monitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.prometheus.monitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml new file mode 100644 index 0000000..2c2705f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml @@ -0,0 +1,40 @@ +{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ include "prometheus-node-exporter.fullname" . }} + namespace: {{ include "prometheus-node-exporter.namespace" . }} + labels: + {{- include "prometheus-node-exporter.labels" . | nindent 4 }} +spec: + {{- with .Values.verticalPodAutoscaler.recommenders }} + recommenders: + {{- toYaml . | nindent 4 }} + {{- end }} + resourcePolicy: + containerPolicies: + - containerName: node-exporter + {{- with .Values.verticalPodAutoscaler.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.verticalPodAutoscaler.controlledValues }} + controlledValues: {{ . }} + {{- end }} + {{- with .Values.verticalPodAutoscaler.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.verticalPodAutoscaler.minAllowed }} + minAllowed: + {{- toYaml . | nindent 8 }} + {{- end }} + targetRef: + apiVersion: apps/v1 + kind: DaemonSet + name: {{ include "prometheus-node-exporter.fullname" . }} + {{- with .Values.verticalPodAutoscaler.updatePolicy }} + updatePolicy: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/values.yaml b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/values.yaml new file mode 100644 index 0000000..09fe392 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/prometheus-node-exporter/values.yaml @@ -0,0 +1,616 @@ +# Default values for prometheus-node-exporter. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + registry: quay.io + repository: prometheus/node-exporter + # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }} + tag: "" + pullPolicy: IfNotPresent + digest: "" + +imagePullSecrets: [] +# - name: "image-pull-secret" +nameOverride: "" +fullnameOverride: "" + +# Number of old history to retain to allow rollback +# Default Kubernetes value is set to 10 +revisionHistoryLimit: 10 + +global: + # To help compatibility with other charts which use global.imagePullSecrets. + # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). + # global: + # imagePullSecrets: + # - name: pullSecret1 + # - name: pullSecret2 + # or + # global: + # imagePullSecrets: + # - pullSecret1 + # - pullSecret2 + imagePullSecrets: [] + # + # Allow parent charts to override registry hostname + imageRegistry: "" + +# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. +# The requests are served through the same service but requests are HTTPS. +kubeRBACProxy: + enabled: false + ## Set environment variables as name/value pairs + env: {} + # VARIABLE: value + image: + registry: quay.io + repository: brancz/kube-rbac-proxy + tag: v0.19.1 + sha: "" + pullPolicy: IfNotPresent + + # List of additional cli arguments to configure kube-rbac-proxy + # for example: --tls-cipher-suites, --log-file, etc. + # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage + extraArgs: [] + + ## Specify security settings for a Container + ## Allows overrides and additional options compared to (Pod) securityContext + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + containerSecurityContext: {} + + # Specify the port used for the Node exporter container (upstream port) + port: 8100 + # Specify the name of the container port + portName: http + # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. + enableHostPort: false + + # Configure Proxy Endpoints Port + # This is the port being probed for readiness + proxyEndpointsPort: 8888 + # Configure a hostPort. If true, hostPort will be enabled in the container and set to proxyEndpointsPort. + enableProxyEndpointsHostPort: false + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Additional volume mounts in the kube-rbac-proxy container + ## See extraVolumes below + extraVolumeMounts: [] + # - name: extra-volume + # mountPath: /extra + # readOnly: true + + ## tls enables using TLS resources from a volume on secret referred to in tlsSecret below. + ## When enabling tlsClientAuth, client CA certificate must be set in tlsSecret.caItem. + ## Ref. https://github.com/brancz/kube-rbac-proxy/issues/187 + tls: + enabled: false + tlsClientAuth: false + +## tlsSecret refers to an existing secret holding TLS items: client CA certificate, private key and certificate. +## secretName and volumeName can be templated. +## If enabled, volume volumeName gets created on secret secretName. +## The volume's resources will be used by kube-rbac-proxy if kubeRBACProxy.tls.enabled is set. +tlsSecret: + enabled: false + ## Key with client CA certificate (optional) + caItem: "" + ## Key with certificate + certItem: tls.crt + ## Key with private key + keyItem: tls.key + ## Name of an existing secret + secretName: prometheus-node-exporter-tls + ## Name of the volume to be created + volumeName: prometheus-node-exporter-tls + +## Service configuration +service: + ## Creating a service is enabled by default + enabled: true + + ## Service type + type: ClusterIP + ## IP address for type ClusterIP + clusterIP: "" + ## Default service port. Sets the port of the exposed container as well (NE or kubeRBACProxy). + ## Use "servicePort" below if changing the service port only is desired. + port: 9100 + ## Service port. Use this field if you wish to set a different service port + ## without changing the container port ("port" above). + servicePort: "" + ## Targeted port in the pod. Must refer to an open container port ("port" or "portName"). + ## (IntOrString) + targetPort: 9100 + ## Name of the service port. Sets the port name of the main container (NE) as well. + portName: metrics + ## Port number for service type NodePort + nodePort: null + + ## If true, node exporter will listen on all interfaces + listenOnAllInterfaces: true + + ## Additional annotations and labels for the service + annotations: + prometheus.io/scrape: "true" + labels: {} + + ## Dual stack settings for the service + ## https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services + ipDualStack: + enabled: false + ipFamilies: ["IPv6", "IPv4"] + ipFamilyPolicy: "PreferDualStack" + + ## External/Internal traffic policy setting (Cluster, Local) + ## https://kubernetes.io/docs/reference/networking/virtual-ips/#traffic-policies + externalTrafficPolicy: "" + internalTrafficPolicy: "" + +# Set a NetworkPolicy with: +# ingress only on service.port or custom policy +# no egress permitted +networkPolicy: + enabled: false + + # ingress: + # - {} + +# Additional environment variables that will be passed to the daemonset +env: {} +## env: +## VARIABLE: value + +prometheus: + monitor: + enabled: false + additionalLabels: {} + namespace: "" + + jobLabel: "" + + # List of pod labels to add to node exporter metrics + # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor + podTargetLabels: [] + + # List of target labels to add to node exporter metrics + # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#servicemonitor + targetLabels: [] + + scheme: http + basicAuth: {} + bearerTokenFile: + tlsConfig: {} + + ## proxyUrl: URL of a proxy that should be used for scraping. + ## + proxyUrl: "" + + ## Override serviceMonitor selector + ## + selectorOverride: {} + + ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. + ## + attachMetadata: + node: false + + relabelings: [] + metricRelabelings: [] + interval: "" + scrapeTimeout: 10s + ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1") + apiVersion: "" + + ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + ## + sampleLimit: 0 + + ## TargetLimit defines a limit on the number of scraped targets that will be accepted. + ## + targetLimit: 0 + + ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelLimit: 0 + + ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelNameLengthLimit: 0 + + ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelValueLengthLimit: 0 + + # PodMonitor defines monitoring for a set of pods. + # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#podmonitor + # Using a PodMonitor may be preferred in some environments where there is very large number + # of Node Exporter endpoints (1000+) behind a single service. + # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor, + # the time series resulting from the configuration through PodMonitor may have different labels. + # For instance, there will not be the service label any longer which might + # affect PromQL queries selecting that label. + podMonitor: + enabled: false + # Namespace in which to deploy the pod monitor. Defaults to the release namespace. + namespace: "" + # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus + additionalLabels: {} + # release: kube-prometheus-stack + # PodTargetLabels transfers labels of the Kubernetes Pod onto the target. + podTargetLabels: [] + # apiVersion defaults to monitoring.coreos.com/v1. + apiVersion: "" + # Override pod selector to select pod objects. + selectorOverride: {} + # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. + attachMetadata: + node: false + # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name. + jobLabel: "" + + # Scheme/protocol to use for scraping. + scheme: "http" + # Path to scrape metrics at. + path: "/metrics" + + # BasicAuth allow an endpoint to authenticate over basic authentication. + # More info: https://prometheus.io/docs/operating/configuration/#endpoint + basicAuth: {} + # Secret to mount to read bearer token for scraping targets. + # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator. + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core + bearerTokenSecret: {} + # TLS configuration to use when scraping the endpoint. + tlsConfig: {} + # Authorization section for this endpoint. + # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#safeauthorization + authorization: {} + # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api-reference/api.md#oauth2 + oauth2: {} + + # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint. + proxyUrl: "" + # Interval at which endpoints should be scraped. If not specified Prometheus' global scrape interval is used. + interval: "" + # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used. + scrapeTimeout: "" + # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. + honorTimestamps: true + # HonorLabels chooses the metric's labels on collisions with target labels. + honorLabels: true + # Whether to enable HTTP2. Default false. + enableHttp2: "" + # Drop pods that are not running. (Failed, Succeeded). + # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase + filterRunning: "" + # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false. + followRedirects: "" + # Optional HTTP URL parameters + params: {} + + # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds + # relabelings for a few standard Kubernetes fields. The original scrape job's name + # is available via the __tmp_prometheus_job_name label. + # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + relabelings: [] + # MetricRelabelConfigs to apply to samples before ingestion. + metricRelabelings: [] + + # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + sampleLimit: 0 + # TargetLimit defines a limit on the number of scraped targets that will be accepted. + targetLimit: 0 + # Per-scrape limit on number of labels that will be accepted for a sample. + # Only valid in Prometheus versions 2.27.0 and newer. + labelLimit: 0 + # Per-scrape limit on length of labels name that will be accepted for a sample. + # Only valid in Prometheus versions 2.27.0 and newer. + labelNameLengthLimit: 0 + # Per-scrape limit on length of labels value that will be accepted for a sample. + # Only valid in Prometheus versions 2.27.0 and newer. + labelValueLengthLimit: 0 + +## Customize the updateStrategy if set +updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 200m + # memory: 50Mi + # requests: + # cpu: 100m + # memory: 30Mi + +# Specify the container restart policy passed to the Node Export container +# Possible Values: Always (default)|OnFailure|Never +restartPolicy: null + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + annotations: {} + imagePullSecrets: [] + automountServiceAccountToken: false + +securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + +containerSecurityContext: + readOnlyRootFilesystem: true + # capabilities: + # add: + # - SYS_TIME + +rbac: + ## If true, create & use RBAC resources + ## + create: true + +# for deployments that have node_exporter deployed outside of the cluster, list +# their addresses here +endpoints: [] + +# Expose the service to the host network +hostNetwork: true + +# Share the host process ID namespace +hostPID: true + +# Share the host ipc namespace +hostIPC: false + +# Mount the node's root file system (/) at /host/root in the container +hostRootFsMount: + enabled: true + # Defines how new mounts in existing mounts on the node or in the container + # are propagated to the container or node, respectively. Possible values are + # None, HostToContainer, and Bidirectional. If this field is omitted, then + # None is used. More information on: + # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation + mountPropagation: HostToContainer + +# Mount the node's proc file system (/proc) at /host/proc in the container +hostProcFsMount: + # Possible values are None, HostToContainer, and Bidirectional + mountPropagation: "" + +# Mount the node's sys file system (/sys) at /host/sys in the container +hostSysFsMount: + # Possible values are None, HostToContainer, and Bidirectional + mountPropagation: "" + +## Assign a group of affinity scheduling rules +## The default nodeAffinity excludes Fargate nodes and virtual kubelets from scheduling +## unless overriden by hard node affinity set in the field. +affinity: {} +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchFields: +# - key: metadata.name +# operator: In +# values: +# - target-host-name + +# Annotations to be added to node exporter pods +podAnnotations: + # Fix for very slow GKE cluster upgrades + cluster-autoscaler.kubernetes.io/safe-to-evict: "true" + +# Extra labels to add to node exporter pods (can be templated) +podLabels: {} + +## Extra labels to attach to all resources (can be templated) +commonLabels: {} + +# Annotations to be added to node exporter daemonset +daemonsetAnnotations: {} + +## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box +releaseLabel: false + +# Custom DNS configuration to be added to prometheus-node-exporter pods +dnsConfig: {} +# nameservers: +# - 1.2.3.4 +# searches: +# - ns1.svc.cluster-domain.example +# - my.dns.search.suffix +# options: +# - name: ndots +# value: "2" +# - name: edns0 + +## Assign a nodeSelector if operating a hybrid cluster +## +nodeSelector: + kubernetes.io/os: linux + # kubernetes.io/arch: amd64 + +# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified +terminationGracePeriodSeconds: null + +tolerations: + - effect: NoSchedule + operator: Exists + +# Enable or disable container termination message settings +# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ +terminationMessageParams: + enabled: false + # If enabled, specify the path for termination messages + terminationMessagePath: /dev/termination-log + # If enabled, specify the policy for termination messages + terminationMessagePolicy: File + + +## Assign a PriorityClassName to pods if set +# priorityClassName: "" + +## Additional container arguments +## +extraArgs: [] +# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$ +# - --collector.textfile.directory=/run/prometheus + +## Additional mounts from the host to node-exporter container +## +extraHostVolumeMounts: [] +# - name: +# hostPath: +# https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types +# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice +# mountPath: +# readOnly: true|false +# mountPropagation: None|HostToContainer|Bidirectional + +## Additional configmaps to be mounted. +## +configmaps: [] +# - name: +# mountPath: + +secrets: [] +# - name: +# mountPath: + +## Override the deployment namespace +## +namespaceOverride: "" + +## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container +## +sidecars: [] +# - name: nvidia-dcgm-exporter +# image: nvidia/dcgm-exporter:1.4.3 +# volumeMounts: +# - name: tmp +# mountPath: /tmp + +## Volume for sidecar containers +## +sidecarVolumeMount: [] +# - name: collector-textfiles +# mountPath: /run/prometheus +# readOnly: false + +## Additional mounts from the host to sidecar containers +## +sidecarHostVolumeMounts: [] +# - name: +# hostPath: +# mountPath: +# readOnly: true|false +# mountPropagation: None|HostToContainer|Bidirectional + +## Additional InitContainers to initialize the pod +## +extraInitContainers: [] + +## Liveness probe +## +livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: [] + scheme: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + +## Readiness probe +## +readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: [] + scheme: http + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + +# Enable vertical pod autoscaler support for prometheus-node-exporter +verticalPodAutoscaler: + enabled: false + + # Recommender responsible for generating recommendation for the object. + # List should be empty (then the default recommender will generate the recommendation) + # or contain exactly one recommender. + # recommenders: + # - name: custom-recommender-performance + + # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + controlledResources: [] + # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. + # controlledValues: RequestsAndLimits + + # Define the max allowed resources for the pod + maxAllowed: {} + # cpu: 200m + # memory: 100Mi + # Define the min allowed resources for the pod + minAllowed: {} + # cpu: 200m + # memory: 100Mi + + # updatePolicy: + # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction + # minReplicas: 1 + # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates + # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". + # updateMode: Auto + +# Extra manifests to deploy as an array +extraManifests: [] + # - | + # apiVersion: v1 + # kind: ConfigMap + # metadata: + # name: prometheus-extra + # data: + # extra-data: "value" + +## Extra volumes to become available in the pod +extraVolumes: [] + # - name: extra-volume + # secret: + # defaultMode: 420 + # optional: false + # secretName: node-exporter-secret + +## Extra volume mounts in the node-exporter container +extraVolumeMounts: [] + # - name: extra-volume + # mountPath: /extra + # readOnly: true + +# Override version of app, required if image.tag is defined and does not follow semver +version: "" diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/.helmignore b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/.helmignore new file mode 100644 index 0000000..2ccbd54 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +*.md +*.md.gotmpl diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.lock b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.lock new file mode 100644 index 0000000..7d366f4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2024-11-13T12:10:17.363248379Z" diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.yaml new file mode 100644 index 0000000..a90e9d6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/Chart.yaml @@ -0,0 +1,28 @@ +annotations: + artifacthub.io/category: monitoring-logging + artifacthub.io/changes: | + - Support custom case for list empty argument. + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Sources + url: https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-common + - name: Charts repo + url: https://victoriametrics.github.io/helm-charts/ +apiVersion: v2 +description: Victoria Metrics Common - contains shared templates for all Victoria + Metrics helm charts +keywords: +- victoriametrics +- monitoring +- kubernetes +- observability +- tsdb +- metrics +- metricsql +- timeseries +kubeVersion: '>=1.23.0-0' +name: victoria-metrics-common +sources: +- https://github.com/VictoriaMetrics/helm-charts +type: library +version: 0.0.42 diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/RELEASE_NOTES b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/RELEASE_NOTES new file mode 100644 index 0000000..6de533d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/RELEASE_NOTES @@ -0,0 +1,7 @@ +# Release notes for version 0.0.42 + +**Release date:** 19 Mar 2025 + +![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational&logo=helm&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) + +- Support custom case for list empty argument. diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_enterprise.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_enterprise.tpl new file mode 100644 index 0000000..1890e49 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_enterprise.tpl @@ -0,0 +1,87 @@ +{{- define "vm.license.secret.key" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $plain := (($Values.license).secret).key | default ((($Values.global).license).secret).key -}} + {{- $managed := (($Values.license).keyRef).key | default ((($Values.global).license).keyRef).key }} + {{- if $plain -}} + {{- $plain -}} + {{- else if $managed -}} + {{- $managed -}} + {{- end -}} +{{- end -}} + +{{- define "vm.license.secret.name" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $plain := (($Values.license).secret).name | default ((($Values.global).license).secret).name -}} + {{- $managed := (($Values.license).keyRef).name | default ((($Values.global).license).keyRef).name -}} + {{- if $plain -}} + {{- $plain -}} + {{- else if $managed -}} + {{- $managed -}} + {{- end -}} +{{- end -}} + +{{- define "vm.license.key" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- ($Values.license).key | default (($Values.global).license).key | default "" -}} +{{- end -}} + +{{- define "vm.enterprise.disabled" -}} + {{- $licenseKey := (include "vm.license.key" .) -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- or .noEnterprise (and (empty $licenseKey) (and (empty $licenseSecretName) (empty $licenseSecretKey))) -}} +{{- end -}} + +{{- define "vm.enterprise.only" -}} + {{- if eq (include "vm.enterprise.disabled" .) "true" }} + {{ fail `Pass valid license at .Values.license or .Values.global.license if you have an enterprise license for running this software. + See https://victoriametrics.com/legal/esa/ for details. + Documentation - https://docs.victoriametrics.com/enterprise + for more information, visit https://victoriametrics.com/products/enterprise/ + To request a trial license, go to https://victoriametrics.com/products/enterprise/trial/` }} + {{- end -}} +{{- end -}} + +{{/* +Return license volume mount +*/}} +{{- define "vm.license.volume" -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if and $licenseSecretName $licenseSecretKey -}} +- name: license-key + secret: + secretName: {{ $licenseSecretName }} + {{- end -}} +{{- end -}} + +{{/* +Return license volume mount for container +*/}} +{{- define "vm.license.mount" -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if and $licenseSecretName $licenseSecretKey -}} +- name: license-key + mountPath: /etc/vm-license-key + readOnly: true + {{- end -}} +{{- end -}} + +{{/* +Return license flag if necessary. +*/}} +{{- define "vm.license.flag" -}} + {{- $licenseKey := (include "vm.license.key" .) -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if $licenseKey -}} + license: {{ $licenseKey }} + {{- else if and $licenseSecretName $licenseSecretKey -}} + {{- $flagName := "licenseFile" -}} + {{- if eq .flagStyle "kebab" }} + {{- $flagName = "license-file" -}} + {{- end -}} + {{- $flagName }}: /etc/vm-license-key/{{ $licenseSecretKey }} + {{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_helpers.tpl new file mode 100644 index 0000000..7983440 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_helpers.tpl @@ -0,0 +1,239 @@ +{{- define "vm.namespace" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Values.namespaceOverride | default ($Values.global).namespaceOverride | default $Release.Namespace -}} +{{- end -}} + +{{- define "vm.validate.args" -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Capabilities := (.helm).Capabilities | default .Capabilities -}} + {{- if semverCompare "<3.14.0" $Capabilities.HelmVersion.Version }} + {{- fail "This chart requires helm version 3.14.0 or higher" }} + {{- end }} + {{- if empty $Chart -}} + {{- fail "invalid template data" -}} + {{- end -}} +{{- end -}} + +{{- /* Expand the name of the chart. */ -}} +{{- define "vm.name" -}} + {{- include "vm.validate.args" . -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $nameOverride := $Values.nameOverride | default ($Values.global).nameOverride | default $Chart.Name -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $nameOverride -}} + {{- else -}} + {{- $nameOverride | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- /* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/ -}} +{{- define "vm.fullname" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $fullname := "" -}} + {{- if $Values.fullnameOverride -}} + {{- $fullname = $Values.fullnameOverride -}} + {{- else if ($Values.global).fullnameOverride -}} + {{- $fullname = $Values.global.fullnameOverride -}} + {{- else -}} + {{- $name := default $Chart.Name $Values.nameOverride -}} + {{- if contains $name $Release.Name -}} + {{- $fullname = $Release.Name -}} + {{- else -}} + {{- $fullname = (printf "%s-%s" $Release.Name $name) }} + {{- end -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end }} + +{{- define "vm.cr.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.managed.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- end -}} + {{- with include "vm.internal.key.default" . -}} + {{- $prefix := ternary . (printf "vm%s" .) (or (hasPrefix "vm" .) (hasPrefix "vl" .)) -}} + {{- $fullname = printf "%s-%s" $prefix $fullname -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.plain.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "fullnameOverride" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- with include "vm.internal.key.default" . -}} + {{- $fullname = printf "%s-%s" $fullname . -}} + {{- end -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.internal.key" -}} + {{- include "vm.validate.args" . -}} + {{- $overrideKey := .overrideKey | default "fullnameOverride" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $key := "" -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $ctx := . -}} + {{- $values := $Values -}} + {{- range $ak := $appKey }} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- if and (empty $values) (empty $ctx) -}} + {{- fail (printf "No data for appKey %s" (join "->" $appKey)) -}} + {{- end -}} + {{- if and (kindIs "map" $values) (index $values $overrideKey) -}} + {{- $key = index $values $overrideKey -}} + {{- else if and (kindIs "map" $ctx) (index $ctx $overrideKey) -}} + {{- $key = index $ctx $overrideKey -}} + {{- end -}} + {{- end }} + {{- if and (empty $key) .fallback -}} + {{- $key = include "vm.internal.key.default" . -}} + {{- end -}} + {{- end -}} + {{- $key -}} +{{- end -}} + +{{- define "vm.internal.key.default" -}} + {{- with .appKey -}} + {{- $key := ternary (list .) . (kindIs "string" .) -}} + {{- last (without $key "spec") -}} + {{- end -}} +{{- end -}} + +{{- /* Create chart name and version as used by the chart label. */ -}} +{{- define "vm.chart" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $chart := printf "%s-%s" $Chart.Name $Chart.Version | replace "+" "_" -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $chart -}} + {{- else -}} + {{- $chart | trunc 63 | trimSuffix "-" -}} + {{- end }} +{{- end }} + +{{- /* Create the name of the service account to use */ -}} +{{- define "vm.sa.name" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- if $Values.serviceAccount.create }} + {{- default (include "vm.fullname" .) $Values.serviceAccount.name }} + {{- else -}} + {{- default "default" $Values.serviceAccount.name -}} + {{- end }} +{{- end }} + +{{- define "vm.metaLabels" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $labels := .extraLabels | default dict -}} + {{- $_ := set $labels "helm.sh/chart" (include "vm.chart" .) -}} + {{- $_ := set $labels "app.kubernetes.io/managed-by" $Release.Service -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- define "vm.podLabels" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $labels := fromYaml (include "vm.selectorLabels" .) -}} + {{- $labels = mergeOverwrite $labels (.extraLabels | default dict) -}} + {{- $_ := set $labels "app.kubernetes.io/managed-by" $Release.Service -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- /* Common labels */ -}} +{{- define "vm.labels" -}} + {{- include "vm.validate.args" . -}} + {{- $labels := fromYaml (include "vm.selectorLabels" .) -}} + {{- $labels = mergeOverwrite $labels (fromYaml (include "vm.metaLabels" .)) -}} + {{- with (include "vm.image.tag" .) }} + {{- $_ := set $labels "app.kubernetes.io/version" (regexReplaceAll "(.*)(@sha.*)" . "${1}") -}} + {{- end -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- define "vm.release" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $release := default $Release.Name $Values.argocdReleaseOverride -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $release -}} + {{- else -}} + {{- $release | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.app.name" -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $_ := set . "fallback" true -}} + {{- tpl (include "vm.internal.key" .) . -}} + {{- $_ := unset . "overrideKey" -}} + {{- $_ := unset . "fallback" -}} +{{- end -}} + +{{- /* Selector labels */ -}} +{{- define "vm.selectorLabels" -}} + {{- $labels := .extraLabels | default dict -}} + {{- $_ := set $labels "app.kubernetes.io/name" (include "vm.name" .) -}} + {{- $_ := set $labels "app.kubernetes.io/instance" (include "vm.release" .) -}} + {{- with (include "vm.app.name" .) -}} + {{- if eq $.style "managed" -}} + {{- $_ := set $labels "app.kubernetes.io/component" (printf "%s-%s" (include "vm.name" $) .) -}} + {{- else -}} + {{- $_ := set $labels "app" . -}} + {{- end -}} + {{- end -}} + {{- toYaml $labels -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_image.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_image.tpl new file mode 100644 index 0000000..cae561d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_image.tpl @@ -0,0 +1,61 @@ +{{/* +Victoria Metrics Image +*/}} +{{- define "vm.image" -}} + {{- $image := (fromYaml (include "vm.internal.image" .)).image | default dict -}} + {{- $tag := include "vm.image.tag" . -}} + {{- if empty $image.repository -}} + {{- fail "cannot create image without `.repository` defined" -}} + {{- end -}} + {{- $result := tpl (printf "%s:%s" $image.repository $tag) . -}} + {{- with $image.registry | default "" -}} + {{- $result = (printf "%s/%s" . $result) -}} + {{- end -}} + {{- $result -}} +{{- end -}} + +{{- define "vm.image.tag" -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $image := (fromYaml (include "vm.internal.image" .)).image | default dict -}} + {{- $tag := $image.tag -}} + {{- if empty $tag }} + {{- $tag = $Chart.AppVersion -}} + {{- $variant := $image.variant }} + {{- if eq (include "vm.enterprise.disabled" .) "false" -}} + {{- if $variant }} + {{- $variant = printf "enterprise-%s" $variant }} + {{- else }} + {{- $variant = "enterprise" }} + {{- end }} + {{- end -}} + {{- with $variant -}} + {{- $tag = (printf "%s-%s" $tag .) -}} + {{- end -}} + {{- end -}} + {{- $tag -}} +{{- end -}} + +{{- define "vm.internal.image" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- with .appKey -}} + {{- $appKey := ternary (list .) . (kindIs "string" .) -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- if and (empty $values) (empty $ctx) -}} + {{- fail (printf "No data for appKey %s" (join "->" $appKey)) -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- $image := ternary $ctx.image $values.image (hasKey $ctx "image") -}} + {{- if not $image.registry }} + {{- if (($Values.global).image).registry -}} + {{- $_ := set $image "registry" (($Values.global).image).registry -}} + {{- else if hasKey $image "registry" -}} + {{- $_ := unset $image "registry" -}} + {{- end -}} + {{- end -}} + {{- toYaml (dict "image" $image) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_ingress.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_ingress.tpl new file mode 100644 index 0000000..33904d8 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_ingress.tpl @@ -0,0 +1,8 @@ +{{- define "vm.ingress.port" }} + {{- $port := dict "name" "http" }} + {{- with .port }} + {{- $numberTypes := list "int" "float64" }} + {{- $port = dict (ternary "number" "name" (has (kindOf .) $numberTypes)) . }} + {{- end -}} + {{- toYaml $port -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_pod.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_pod.tpl new file mode 100644 index 0000000..7534ae2 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_pod.tpl @@ -0,0 +1,117 @@ +{{- define "vm.port.from.flag" -}} + {{- $port := .default -}} + {{- with .flag -}} + {{- $port = regexReplaceAll ".*:(\\d+)" . "${1}" -}} + {{- end -}} + {{- $port -}} +{{- end }} + +{{- /* +Return true if the detected platform is Openshift +Usage: +{{- include "vm.isOpenshift" . -}} +*/ -}} +{{- define "vm.isOpenshift" -}} + {{- $Capabilities := (.helm).Capabilities | default .Capabilities -}} + {{- if $Capabilities.APIVersions.Has "security.openshift.io/v1" -}} + {{- true -}} + {{- end -}} +{{- end -}} + +{{- /* +Render a compatible securityContext depending on the platform. +Usage: +{{- include "vm.securityContext" (dict "securityContext" .Values.containerSecurityContext "helm" .) -}} +*/ -}} +{{- define "vm.securityContext" -}} + {{- $securityContext := omit .securityContext "enabled" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $adaptMode := (((($Values).global).compatibility).openshift).adaptSecurityContext | default "" -}} + {{- if or (eq $adaptMode "force") (and (eq $adaptMode "auto") (include "vm.isOpenshift" .)) -}} + {{- $securityContext = omit $securityContext "fsGroup" "runAsUser" "runAsGroup" "seLinuxOptions" -}} + {{- end -}} + {{- toYaml $securityContext -}} +{{- end -}} + +{{- /* +Render probe +*/ -}} +{{- define "vm.probe" -}} + {{- /* undefined value */ -}} + {{- $null := (fromYaml "value: null").value -}} + {{- $probe := dig .type (default dict) .app.probe -}} + {{- $probeType := "" -}} + {{- $defaultProbe := default dict -}} + {{- if ne (dig "httpGet" $null $probe) $null -}} + {{- /* httpGet probe */ -}} + {{- $defaultProbe = dict "path" (include "vm.probe.http.path" .) "scheme" (include "vm.probe.http.scheme" .) "port" (include "vm.probe.port" .) -}} + {{- $probeType = "httpGet" -}} + {{- else if ne (dig "tcpSocket" $null $probe) $null -}} + {{- /* tcpSocket probe */ -}} + {{- $defaultProbe = dict "port" (include "vm.probe.port" .) -}} + {{- $probeType = "tcpSocket" -}} + {{- end -}} + {{- $defaultProbe = ternary (default dict) (dict $probeType $defaultProbe) (empty $probeType) -}} + {{- $probe = mergeOverwrite $defaultProbe $probe -}} + {{- range $key, $value := $probe -}} + {{- if and (has (kindOf $value) (list "object" "map")) (ne $key $probeType) -}} + {{- $_ := unset $probe $key -}} + {{- end -}} + {{- end -}} + {{- tpl (toYaml $probe) . -}} +{{- end -}} + +{{- /* +HTTP GET probe path +*/ -}} +{{- define "vm.probe.http.path" -}} + {{- index .app.extraArgs "http.pathPrefix" | default "" | trimSuffix "/" -}}/health +{{- end -}} + +{{- /* +HTTP GET probe scheme +*/ -}} +{{- define "vm.probe.http.scheme" -}} + {{- $isSecure := false -}} + {{- with ((.app).extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- ternary "HTTPS" "HTTP" $isSecure -}} +{{- end -}} + +{{- /* +Net probe port +*/ -}} +{{- define "vm.probe.port" -}} + {{- dig "ports" "name" "http" (.app | dict) -}} +{{- end -}} + +{{- define "vm.arg" -}} + {{- if and (empty .value) (kindIs "string" .value) (ne (toString .list) "true") }} + {{- .key -}} + {{- else if eq (toString .value) "true" -}} + -{{ ternary "" "-" (eq (len .key) 1) }}{{ .key }} + {{- else -}} + -{{ ternary "" "-" (eq (len .key) 1) }}{{ .key }}={{ ternary (toJson .value | squote) .value (has (kindOf .value) (list "map" "slice")) }} + {{- end -}} +{{- end -}} + +{{- /* +command line arguments +*/ -}} +{{- define "vm.args" -}} + {{- $args := default list -}} + {{- range $key, $value := . -}} + {{- if not $key -}} + {{- fail "Empty key in command line args is not allowed" -}} + {{- end -}} + {{- if kindIs "slice" $value -}} + {{- range $v := $value -}} + {{- $args = append $args (include "vm.arg" (dict "key" $key "value" $v "list" true)) -}} + {{- end -}} + {{- else -}} + {{- $args = append $args (include "vm.arg" (dict "key" $key "value" $value)) -}} + {{- end -}} + {{- end -}} + {{- toYaml (dict "args" $args) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_service.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_service.tpl new file mode 100644 index 0000000..77a1365 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/templates/_service.tpl @@ -0,0 +1,88 @@ +{{- /* Create the name for VM service */ -}} +{{- define "vm.service" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $nameTpl := "" -}} + {{- if eq .style "managed" -}} + {{- $nameTpl = "vm.managed.fullname" }} + {{- else if eq .style "plain" -}} + {{- $nameTpl = "vm.plain.fullname" }} + {{- else -}} + {{- fail ".style argument should be either `plain` or `managed`"}} + {{- end -}} + {{- include $nameTpl . -}} +{{- end }} + +{{- define "vm.fqdn" -}} + {{- $name := (include "vm.service" .) -}} + {{- if hasKey . "appIdx" -}} + {{- $name = (printf "%s-%d.%s" $name .appIdx $name) -}} + {{- end -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $ns := (include "vm.namespace" .) -}} + {{- $fqdn := printf "%s.%s.svc" $name $ns -}} + {{- with (($Values.global).cluster).dnsDomain -}} + {{- $fqdn = printf "%s.%s" $fqdn . -}} + {{- end -}} + {{- $fqdn -}} +{{- end -}} + +{{- define "vm.host" -}} + {{- $fqdn := (include "vm.fqdn" .) -}} + {{- $port := 80 -}} + {{- $isSecure := ternary false true (empty .appSecure) -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- end -}} + {{- $spec := default dict -}} + {{- if $ctx -}} + {{- $spec = $ctx -}} + {{- else if $values -}} + {{- $spec = $values -}} + {{- end -}} + {{- with ($spec.extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- $port = (ternary 443 80 $isSecure) -}} + {{- $port = $spec.port | default ($spec.service).servicePort | default ($spec.service).port | default $port -}} + {{- if hasKey . "appIdx" -}} + {{- $port = (include "vm.port.from.flag" (dict "flag" ($spec.extraArgs).httpListenAddr "default" $port)) -}} + {{- end }} + {{- end }} + {{- $fqdn }}:{{ $port }} +{{- end -}} + +{{- define "vm.url" -}} + {{- $host := (include "vm.host" .) -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $proto := "http" -}} + {{- $path := .appRoute | default "/" -}} + {{- $isSecure := ternary false true (empty .appSecure) -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- end -}} + {{- $spec := default dict -}} + {{- if $values -}} + {{- $spec = $values -}} + {{- else if $ctx -}} + {{- $spec = $ctx -}} + {{- end -}} + {{- with ($spec.extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- $proto = (ternary "https" "http" $isSecure) -}} + {{- $path = dig "http.pathPrefix" $path ($spec.extraArgs | default dict) -}} + {{- end -}} + {{- printf "%s://%s%s" $proto $host (trimSuffix "/" $path) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/values.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/values.yaml new file mode 100644 index 0000000..fb6bffd --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-common/values.yaml @@ -0,0 +1 @@ +unitTest: false diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/.helmignore b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/.helmignore new file mode 100644 index 0000000..b0ebedb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/.helmignore @@ -0,0 +1,27 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +*.md +*.md.gotmpl +e2e/ +lint/ +tests/ diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.lock b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.lock new file mode 100644 index 0000000..6c7b4c5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: victoria-metrics-common + repository: https://victoriametrics.github.io/helm-charts + version: 0.0.42 +- name: crds + repository: "" + version: 0.0.* +digest: sha256:d186ad6f54d64a2f828cd80a136e06dcf1f30dbc8ae94964bb9b166ee32eb30e +generated: "2025-03-19T09:59:22.84209872Z" diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.yaml new file mode 100644 index 0000000..ae05b57 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/Chart.yaml @@ -0,0 +1,45 @@ +annotations: + artifacthub.io/category: monitoring-logging + artifacthub.io/changes: | + - updates operator to [v0.60.2](https://github.com/VictoriaMetrics/operator/releases/tag/v0.60.2) version + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Sources + url: https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-operator + - name: Charts repo + url: https://victoriametrics.github.io/helm-charts/ + - name: Docs + url: https://docs.victoriametrics.com/operator + - name: Changelog + url: https://docs.victoriametrics.com/operator/changelog + artifacthub.io/operator: "true" +apiVersion: v2 +appVersion: v0.60.2 +dependencies: +- name: victoria-metrics-common + repository: https://victoriametrics.github.io/helm-charts + version: 0.0.* +- condition: crds.plain + name: crds + repository: "" + version: 0.0.* +description: VictoriaMetrics Operator +home: https://github.com/VictoriaMetrics/operator +icon: https://avatars.githubusercontent.com/u/43720803?s=200&v=4 +keywords: +- victoriametrics +- operator +- monitoring +- kubernetes +- observability +- tsdb +- metrics +- metricsql +- timeseries +kubeVersion: '>=1.25.0-0' +name: victoria-metrics-operator +sources: +- https://github.com/VictoriaMetrics/helm-charts +- https://github.com/VictoriaMetrics/operator +type: application +version: 0.50.3 diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/RELEASE_NOTES b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/RELEASE_NOTES new file mode 100644 index 0000000..59c0dda --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/RELEASE_NOTES @@ -0,0 +1,7 @@ +# Release notes for version 0.50.3 + +**Release date:** 27 Jun 2025 + +![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational&logo=helm&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) ![AppVersion: v0.60.2](https://img.shields.io/badge/v0.60.2-success?logo=VictoriaMetrics&labelColor=gray&link=https%3A%2F%2Fdocs.victoriametrics.com%2Foperator%2Fchangelog%23v0602) + +- updates operator to [v0.60.2](https://github.com/VictoriaMetrics/operator/releases/tag/v0.60.2) version diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/Chart.yaml new file mode 100644 index 0000000..ecd8e7b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +appVersion: 0.0.0 +description: A subchart stores victoriametrics operator CRDs. +name: crds +type: application +version: 0.0.0 diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml new file mode 100644 index 0000000..f618b66 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/crds/crd.yaml @@ -0,0 +1,36669 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLCluster + listKind: VLClusterList + plural: vlclusters + singular: vlcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VLInsert + jsonPath: .spec.vlinsert.replicaCount + name: Insert Count + type: string + - description: replicas of VLStorage + jsonPath: .spec.vlstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VLSelect + jsonPath: .spec.vlselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: VLCluster is fast, cost-effective and scalable logs database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLClusterSpec defines the desired state of VLCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vlinsert and vlselect to build vlstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vlinsert and vlselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VLSelect, VLInsert and VLStorage Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vlinsert: + description: VLInsert defines vlinsert component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + syslogSpec: + description: SyslogSpec defines syslog listener configuration + properties: + tcpListeners: + description: TCPListeners defines syslog server TCP listener + configuration + items: + description: SyslogTCPListener defines configuration for + TCP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + tlsConfig: + description: TLSServerConfig defines VictoriaMetrics + TLS configuration for the application's server + properties: + certFile: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + certSecret: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + keySecret: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - listenPort + type: object + type: array + udpListeners: + description: UDPListeners defines syslog server UDP listener + configuration + items: + description: SyslogUDPListener defines configuration for + UDP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + required: + - listenPort + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlselect: + description: VLSelect defines vlselect component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlstorage: + description: VLStorage defines vlstorage component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLStorage to be configured with. + default or json + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this + can be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VLStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues + with log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures persistent volume for VLStorage + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VLClusterStatus defines the observed state of VLCluster + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlogs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLogs + listKind: VLogsList + plural: vlogs + singular: vlogs + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VLogs is fast, cost-effective and scalable logs database. + VLogs is the Schema for the vlogs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VLogsSpec defines the desired state of VLogs + VLogs is deprecated, migrate to the VLSingle + required: + - retentionPeriod + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VLogsStatus defines the observed state of VLogs + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLSingle + listKind: VLSingleList + plural: vlsingles + singular: vlsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + VLSingle is fast, cost-effective and scalable logs database. + VLSingle is the Schema for the API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLSingleSpec defines the desired state of VLSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VLSingle to be configured with. + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this can + be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VictoriaLogs to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues with + log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VLSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VLSingle + by default it`s empty dir + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-logs binary --storageDataPath, + its users responsibility to mount proper device into given path. + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vlsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VLSingleStatus defines the observed state of VLSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmagents.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAgent + listKind: VMAgentList + plural: vmagents + singular: vmagent + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: current number of replicas + jsonPath: .status.replicas + name: Replica Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMAgent - is a tiny but brave agent, which helps you collect metrics from various sources and stores them in VictoriaMetrics + or any other Prometheus-compatible storage system that supports the remote_write protocol. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAgentSpec defines the desired state of VMAgent + properties: + aPIServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + aPIServerConfig is deprecated use apiServerConfig instead + required: + - host + type: object + x-kubernetes-preserve-unknown-fields: true + additionalScrapeConfigs: + description: |- + AdditionalScrapeConfigs As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + apiServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + authorization: + description: Authorization configures generic authorization params + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: |- + Host of apiserver. + A valid string consisting of a hostname or IP followed by an optional port number + type: string + tlsConfig: + description: TLSConfig Config to use for accessing apiserver. + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: |- + ArbitraryFSAccessThroughSMs configures whether configuration + based on EndpointAuth can access arbitrary files on the file system + of the VMAgent container e.g. bearer token files, basic auth, tls certs + properties: + deny: + type: boolean + type: object + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAgent in StatefulMode + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + daemonSetMode: + description: |- + DaemonSetMode enables DaemonSet deployment mode instead of Deployment. + Supports only VMPodScrape + (available from v0.55.0). + Cannot be used with statefulMode + type: boolean + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enableKubernetesAPISelectors: + description: |- + EnableKubernetesAPISelectors instructs vmagent to use CRD scrape objects spec.selectors for + Kubernetes API list and watch requests. + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#list-and-watch-filtering + It could be useful to reduce Kubernetes API server resource usage for serving less than 100 CRD scrape objects in total. + type: boolean + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + externalLabels: + additionalProperties: + type: string + description: |- + ExternalLabels The labels to add to any time series scraped by vmagent. + it doesn't affect metrics ingested directly by push API's + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + ignoreNamespaceSelectors: + description: |- + IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from + scrape objects, and they will only discover endpoints + within their current namespace. Defaults to false. + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingestOnlyMode: + description: |- + IngestOnlyMode switches vmagent into unmanaged mode + it disables any config generation for scraping + Currently it prevents vmagent from managing tls and auth options for remote write + type: boolean + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + inlineRelabelConfig: + description: InlineRelabelConfig - defines GlobalRelabelConfig for + vmagent, can be defined directly at CRD. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + inlineScrapeConfig: + description: |- + InlineScrapeConfig As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + it should be defined as single yaml file. + inlineScrapeConfig: | + - job_name: "prometheus" + static_configs: + - targets: ["localhost:9090"] + type: string + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAgent to be configured with. + enum: + - default + - json + type: string + logLevel: + description: |- + LogLevel for VMAgent to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + maxScrapeInterval: + description: |- + MaxScrapeInterval allows limiting maximum scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is higher than defined limit, `maxScrapeInterval` will be used. + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + minScrapeInterval: + description: |- + MinScrapeInterval allows limiting minimal scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is lower than defined limit, `minScrapeInterval` will be used. + type: string + nodeScrapeNamespaceSelector: + description: |- + NodeScrapeNamespaceSelector defines Namespaces to be selected for VMNodeScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeScrapeRelabelTemplate: + description: |- + NodeScrapeRelabelTemplate defines relabel config, that will be added to each VMNodeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + nodeScrapeSelector: + description: |- + NodeScrapeSelector defines VMNodeScrape to be selected for scraping. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + overrideHonorLabels: + description: |- + OverrideHonorLabels if set to true overrides all user configured honor_labels. + If HonorLabels is set in scrape objects to true, this overrides honor_labels to false. + type: boolean + overrideHonorTimestamps: + description: OverrideHonorTimestamps allows to globally enforce honoring + timestamps in all scrape configs. + type: boolean + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmagent pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + podScrapeNamespaceSelector: + description: |- + PodScrapeNamespaceSelector defines Namespaces to be selected for VMPodScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + podScrapeRelabelTemplate: + description: |- + PodScrapeRelabelTemplate defines relabel config, that will be added to each VMPodScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + podScrapeSelector: + description: |- + PodScrapeSelector defines PodScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + probeNamespaceSelector: + description: |- + ProbeNamespaceSelector defines Namespaces to be selected for VMProbe discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + probeScrapeRelabelTemplate: + description: |- + ProbeScrapeRelabelTemplate defines relabel config, that will be added to each VMProbeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + probeSelector: + description: |- + ProbeSelector defines VMProbe to be selected for target probing. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + relabelConfig: + description: |- + RelabelConfig ConfigMap with global relabel config -remoteWrite.relabelConfig + This relabeling is applied to all the collected metrics before sending them to remote storage. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + remoteWrite: + description: |- + RemoteWrite list of victoria metrics /some other remote write system + for vm it must looks like: http://victoria-metrics-single:8429/api/v1/write + or for cluster different url + https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent#splitting-data-streams-among-multiple-systems + items: + description: VMAgentRemoteWriteSpec defines the remote storage configuration + for VmAgent + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + forceVMProto: + description: ForceVMProto forces using VictoriaMetrics protocol + for sending data to -remoteWrite.url + type: boolean + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + inlineUrlRelabelConfig: + description: InlineUrlRelabelConfig defines relabeling config + for remoteWriteURL, it can be defined at crd spec. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + maxDiskUsage: + description: |- + MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite + It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL + x-kubernetes-preserve-unknown-fields: true + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: 'ProxyURL for -remoteWrite.url. Supported proxies: + http, https, socks5. Example: socks5://proxy:1234' + type: string + sendTimeout: + description: Timeout for sending a single block of data to -remoteWrite.url + (default 1m0s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMAgent for -remoteWrite.url + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the + aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator + before stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first + interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream + aggregation config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval + for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data + in separate windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore + samples with old timestamps outside the current + aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric + names as is for the output time series without adding + any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + tlsConfig: + description: TLSConfig describes tls configuration for remote + write target + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL of the endpoint to send samples to. + type: string + urlRelabelConfig: + description: ConfigMap with relabeling config which is applied + to metrics before sending them to the corresponding -remoteWrite.url + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + type: array + remoteWriteSettings: + description: RemoteWriteSettings defines global settings for all remoteWrite + urls. + properties: + flushInterval: + description: Interval for flushing the data to remote storage. + (default 1s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + label: + additionalProperties: + type: string + description: Labels in the form 'name=value' to add to all the + metrics before sending them. This overrides the label if it + already exists. + type: object + maxBlockSize: + description: The maximum size in bytes of unpacked request to + send to remote storage + format: int32 + type: integer + maxDiskUsagePerURL: + description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath + x-kubernetes-preserve-unknown-fields: true + queues: + description: The number of concurrent queues + format: int32 + type: integer + showURL: + description: Whether to show -remoteWrite.url in the exported + metrics. It is hidden by default, since it can contain sensitive + auth info + type: boolean + tmpDataPath: + description: Path to directory where temporary data for remote + write component is stored (default vmagent-remotewrite-data) + type: string + useMultiTenantMode: + description: |- + Configures vmagent accepting data via the same multitenant endpoints as vminsert at VictoriaMetrics cluster does, + see [here](https://docs.victoriametrics.com/vmagent/#multitenancy). + it's global setting and affects all remote storage configurations + type: boolean + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + scrapeConfigNamespaceSelector: + description: |- + ScrapeConfigNamespaceSelector defines Namespaces to be selected for VMScrapeConfig discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeConfigRelabelTemplate: + description: |- + ScrapeConfigRelabelTemplate defines relabel config, that will be added to each VMScrapeConfig. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + scrapeConfigSelector: + description: |- + ScrapeConfigSelector defines VMScrapeConfig to be selected for target discovery. + Works in combination with NamespaceSelector. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeInterval: + description: ScrapeInterval defines how often scrape targets by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + scrapeTimeout: + description: ScrapeTimeout defines global timeout for targets scrape + pattern: '[0-9]+(ms|s|m|h)' + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ServiceScrapeSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and ServiceScrapeNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeNamespaceSelector: + description: |- + ServiceScrapeNamespaceSelector Namespaces to be selected for VMServiceScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeRelabelTemplate: + description: |- + ServiceScrapeRelabelTemplate defines relabel config, that will be added to each VMServiceScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + serviceScrapeSelector: + description: |- + ServiceScrapeSelector defines ServiceScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmagent VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmagent service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + shardCount: + description: |- + ShardCount - numbers of shards of VMAgent + in this case operator will use 1 deployment/sts per shard with + replicas count according to spec.replicas, + see [here](https://docs.victoriametrics.com/vmagent/#scraping-big-number-of-targets) + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + statefulMode: + description: |- + StatefulMode enables StatefulSet for `VMAgent` instead of Deployment + it allows using persistent storage for vmagent's persistentQueue + type: boolean + statefulRollingUpdateStrategy: + description: |- + StatefulRollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + statefulStorage: + description: StatefulStorage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + staticScrapeNamespaceSelector: + description: |- + StaticScrapeNamespaceSelector defines Namespaces to be selected for VMStaticScrape discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + staticScrapeRelabelTemplate: + description: |- + StaticScrapeRelabelTemplate defines relabel config, that will be added to each VMStaticScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + staticScrapeSelector: + description: |- + StaticScrapeSelector defines VMStaticScrape to be selected for target discovery. + Works in combination with NamespaceSelector. + If both nil - match everything. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + streamAggrConfig: + description: StreamAggrConfig defines global stream aggregation configuration + for VMAgent + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: |- + UpdateStrategy - overrides default update strategy. + works only for deployments, statefulset always use OnDelete. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + vmAgentExternalLabelName: + description: |- + VMAgentExternalLabelName Name of vmAgent external label used to denote vmAgent instance + name. Defaults to the value of `prometheus`. External label will + _not_ be added when value is set to empty string (`""`). + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - remoteWrite + type: object + status: + description: VMAgentStatus defines the observed state of VMAgent + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + replicas: + description: ReplicaCount Total number of pods targeted by this VMAgent + format: int32 + type: integer + selector: + description: Selector string form of label value set for autoscaling + type: string + shards: + description: Shards represents total number of vmagent deployments + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagerconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanagerConfig + listKind: VMAlertmanagerConfigList + plural: vmalertmanagerconfigs + singular: vmalertmanagerconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanagerConfig is the Schema for the vmalertmanagerconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VMAlertmanagerConfigSpec defines configuration for VMAlertmanagerConfig + it must reference only locally defined objects + properties: + inhibit_rules: + description: |- + InhibitRules will only apply for alerts matching + the resource's namespace. + items: + description: |- + InhibitRule defines an inhibition rule that allows to mute alerts when other + alerts are already firing. + Note, it doesn't support deprecated alertmanager config options. + See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: |- + Labels that must have an equal value in the source and target alert for + the inhibition to take effect. + items: + type: string + type: array + source_matchers: + description: |- + SourceMatchers defines a list of matchers for which one or more alerts have + to exist for the inhibition to take effect. + items: + type: string + type: array + target_matchers: + description: |- + TargetMatchers defines a list of matchers that have to be fulfilled by the target + alerts to be muted. + items: + type: string + type: array + type: object + type: array + receivers: + description: Receivers defines alert receivers + items: + description: Receiver defines one or more notification integrations. + properties: + discord_configs: + items: + properties: + avatar_url: + description: |- + AvatarURL defines message avatar URL + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + content: + description: |- + Content defines message content template + Available from operator v0.55.0 and alertmanager v0.28.0 + maxLength: 2000 + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + title: + description: The message title template + type: string + username: + description: |- + Username defines message username + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + webhook_url: + description: |- + The discord webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + email_configs: + description: EmailConfigs defines email notification configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + auth_identity: + description: The identity to use for authentication. + type: string + auth_password: + description: AuthPassword defines secret name and key + at CRD namespace. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_secret: + description: |- + AuthSecret defines secret name and key at CRD namespace. + It must contain the CRAM-MD5 secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_username: + description: The username to use for authentication. + type: string + from: + description: |- + The sender address. + fallback to global setting if empty + type: string + headers: + additionalProperties: + type: string + description: |- + Further headers email header key/value pairs. Overrides any headers + previously set by the notification implementation. + type: object + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + require_tls: + description: |- + The SMTP TLS requirement. + Note that Go does not support unencrypted connections to remote SMTP endpoints. + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + smarthost: + description: |- + The SMTP host through which emails are sent. + fallback to global setting if empty + type: string + text: + description: The text body of the email notification. + type: string + tls_config: + description: TLS configuration + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + jira_configs: + items: + description: |- + JiraConfig represent alertmanager's jira_config entry + https://prometheus.io/docs/alerting/latest/configuration/#jira_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + api_url: + description: |- + The URL to send API requests to. The full API path must be included. + Example: https://company.atlassian.net/rest/api/2/ + type: string + custom_fields: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: |- + Other issue and custom fields. + Jira issue field can have multiple types. + Depends on the field type, the values must be provided differently. + See https://developer.atlassian.com/server/jira/platform/jira-rest-api-examples/#setting-custom-field-data-for-other-field-types for further examples. + type: object + description: + description: Issue description template. + type: string + http_config: + description: |- + The HTTP client's configuration. You must use this configuration to supply the personal access token (PAT) as part of the HTTP `Authorization` header. + For Jira Cloud, use basic_auth with the email address as the username and the PAT as the password. + For Jira Data Center, use the 'authorization' field with 'credentials: '. + x-kubernetes-preserve-unknown-fields: true + issue_type: + description: Type of the issue (e.g. Bug) + type: string + labels: + description: Labels to be added to the issue + items: + type: string + type: array + priority: + description: Priority of the issue + type: string + project: + description: The project key where issues are created + type: string + reopen_duration: + description: |- + If reopen_transition is defined, reopen the issue when it is not older than this value (rounded down to the nearest minute). + The resolutiondate field is used to determine the age of the issue. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + reopen_transition: + description: |- + Name of the workflow transition to resolve an issue. + The target status must have the category "done". + type: string + resolve_transition: + description: |- + Name of the workflow transition to reopen an issue. + The target status should not have the category "done". + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + summary: + description: Issue summary template + type: string + wont_fix_resolution: + description: If reopen_transition is defined, ignore issues + with that resolution. + type: string + required: + - issue_type + - project + type: object + type: array + msteams_configs: + items: + properties: + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: The text body of the teams notification. + type: string + title: + description: The title of the teams notification. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + msteamsv2_configs: + items: + description: |- + MSTeamsV2Config sends notifications using the new message format with adaptive cards as required by flows. + https://support.microsoft.com/en-gb/office/create-incoming-webhooks-with-workflows-for-microsoft-teams-8ae491c7-0394-4861-ba59-055e33f75498 + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + http_config: + x-kubernetes-preserve-unknown-fields: true + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: Message body template. + type: string + title: + description: Message title template. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `webhook_url` or `webhook_url_secret` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenie_configs: + description: OpsGenieConfigs defines ops genie notification + configurations. + items: + description: |- + OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + api_key: + description: |- + The secret's key that contains the OpsGenie API key. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + type: object + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: |- + OpsGenieConfigResponder defines a responder to an incident. + One of `id`, `name` or `username` has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + update_alerts: + description: |- + Whether to update message and description of the alert in OpsGenie if it already exists + By default, the alert is never updated in OpsGenie, the new message only appears in activity log. + type: boolean + type: object + type: array + pagerduty_configs: + description: PagerDutyConfigs defines pager duty notification + configurations. + items: + description: |- + PagerDutyConfig configures notifications via PagerDuty. + See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + client_url: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: Arbitrary key/value pairs that provide further + detail about the incident. + type: object + group: + description: A cluster or grouping of sources. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + images: + description: Images to attach to the incident. + items: + description: |- + ImageConfig is used to attach images to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-images-property + for more information. + properties: + alt: + type: string + href: + type: string + source: + type: string + required: + - source + type: object + type: array + links: + description: Links to attach to the incident. + items: + description: |- + LinkConfig is used to attach text links to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-links-property + for more information. + properties: + href: + type: string + text: + type: string + required: + - href + type: object + type: array + routing_key: + description: |- + The secret's key that contains the PagerDuty integration key (when using + Events API v2). Either this field or `serviceKey` needs to be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + service_key: + description: |- + The secret's key that contains the PagerDuty service key (when using + integration type "Prometheus"). Either this field or `routingKey` needs to + be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushover_configs: + description: PushoverConfigs defines push over notification + configurations. + items: + description: |- + PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: |- + How long your notification will continue to be retried for, unless the user + acknowledges the notification. + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: |- + How often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: |- + The secret's key that contains the registered application’s API token, see https://pushover.net/apps. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + description: A supplementary URL shown alongside the message. + type: string + url_title: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + user_key: + description: |- + The secret's key that contains the recipient user’s user key. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + rocketchat_configs: + items: + description: |- + RocketchatConfig configures notifications via Rocketchat. + https://prometheus.io/docs/alerting/latest/configuration/#rocketchat_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + actions: + items: + description: |- + RocketchatAttachmentAction defines message attachments + https://github.com/RocketChat/Rocket.Chat.Go.SDK/blob/master/models/message.go + properties: + msg: + type: string + text: + type: string + type: + type: string + url: + type: string + type: object + type: array + api_url: + type: string + channel: + description: 'RocketChat channel override, (like #other-channel + or @username).' + type: string + color: + type: string + emoji: + type: string + fields: + items: + description: |- + RocketchatAttachmentField defines API fields + https://developer.rocket.chat/reference/api/rest-api/endpoints/messaging/chat-endpoints/postmessage#attachment-field-objects + properties: + short: + type: boolean + title: + type: string + value: + type: string + type: object + type: array + http_config: + x-kubernetes-preserve-unknown-fields: true + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + token_id: + description: |- + The sender token and token_id + See https://docs.rocket.chat/use-rocket.chat/user-guides/user-panel/my-account#personal-access-tokens + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + slack_configs: + description: SlackConfigs defines slack notification configurations. + items: + description: |- + SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: |- + SlackAction configures a single Slack action that is sent with each + notification. + See https://api.slack.com/docs/message-attachments#action_fields and + https://api.slack.com/docs/message-buttons for more information. + properties: + confirm: + description: |- + SlackConfirmationField protect users from destructive actions or + particularly distinguished decisions by asking them to confirm their button + click one more time. + See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismiss_text: + type: string + ok_text: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + api_url: + description: |- + The secret's key that contains the Slack webhook URL. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + callback_id: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: |- + SlackField configures a single Slack field that is sent with each notification. + See https://api.slack.com/docs/message-attachments#fields for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + icon_emoji: + type: string + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + mrkdwn_in: + items: + type: string + type: array + pretext: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + username: + type: string + type: object + type: array + sns_configs: + items: + properties: + api_url: + description: The api URL + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes + type: object + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phone_number: + description: |- + Phone number if message is delivered via SMS + Specify this, topic_arn or target_arn + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sigv4: + description: Configure the AWS Signature Verification + 4 signing process + properties: + access_key: + description: |- + The AWS API keys. Both access_key and secret_key must be supplied or both must be blank. + If blank the environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are used. + type: string + access_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Named AWS profile used to authenticate + type: string + region: + description: AWS region, if blank the region from + the default credentials chain is used + type: string + role_arn: + description: AWS Role ARN, an alternative to using + AWS API keys + type: string + secret_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: The subject line if message is delivered + to an email endpoint. + type: string + target_arn: + description: |- + Mobile platform endpoint ARN if message is delivered via mobile notifications + Specify this, topic_arn or phone_number + type: string + topic_arn: + description: SNS topic ARN, either specify this, phone_number + or target_arn + type: string + type: object + type: array + telegram_configs: + items: + description: |- + TelegramConfig configures notification via telegram + https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + properties: + api_url: + description: APIUrl the Telegram API URL i.e. https://api.telegram.org. + type: string + bot_token: + description: |- + BotToken token for the bot + https://core.telegram.org/bots/api + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + chat_id: + description: ChatID is ID of the chat where to send the + messages. + type: integer + disable_notifications: + description: DisableNotifications + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Message is templated message + type: string + message_thread_id: + description: MessageThreadID defines ID of the message + thread where to send the messages. + type: integer + parse_mode: + description: |- + ParseMode for telegram message, + supported values are MarkdownV2, Markdown, Markdown and empty string for plain text. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - bot_token + - chat_id + type: object + type: array + victorops_configs: + description: VictorOpsConfigs defines victor ops notification + configurations. + items: + description: |- + VictorOpsConfig configures notifications via VictorOps. + See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + api_key: + description: |- + The secret's key that contains the API key to use when talking to the VictorOps API. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: The VictorOps API URL. + type: string + custom_fields: + additionalProperties: + type: string + description: |- + Adds optional custom fields + https://github.com/prometheus/alertmanager/blob/v0.24.0/config/notifiers.go#L537 + type: object + entity_display_name: + description: Contains summary of the alerted problem. + type: string + http_config: + description: The HTTP client's configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message_type: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoring_tool: + description: The monitoring tool the state message is + from. + type: string + routing_key: + description: A key used to map the alert to a team. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + state_message: + description: Contains long explanation of the alerted + problem. + type: string + required: + - routing_key + type: object + type: array + webex_configs: + items: + properties: + api_url: + description: The Webex Teams API URL, i.e. https://webexapis.com/v1/messages + type: string + http_config: + description: HTTP client configuration. You must use this + configuration to supply the bot token as part of the + HTTP `Authorization` header. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + room_id: + description: The ID of the Webex Teams room where to send + the messages + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - room_id + type: object + type: array + webhook_configs: + description: WebhookConfigs defines webhook notification configurations. + items: + description: |- + WebhookConfig configures notifications via a generic receiver supporting the webhook payload. + See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + max_alerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + timeout: + description: |- + Timeout is the maximum time allowed to invoke the webhook + available since v0.28.0 alertmanager version + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + url: + description: |- + URL to send requests to, + one of `urlSecret` and `url` must be defined. + type: string + url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + wechat_configs: + description: WeChatConfigs defines wechat notification configurations. + items: + description: |- + WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agent_id: + type: string + api_secret: + description: |- + The secret's key that contains the WeChat API key. + The secret needs to be in the same namespace as the AlertmanagerConfig + fallback to global alertmanager setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: |- + The WeChat API URL. + fallback to global alertmanager setting if empty + type: string + corp_id: + description: |- + The corp id for authentication. + fallback to global alertmanager setting if empty + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + message_type: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + to_party: + type: string + to_tag: + type: string + to_user: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: Route definition for alertmanager, may include nested + routes. + properties: + active_time_intervals: + description: |- + ActiveTimeIntervals Times when the route should be active + These must match the name at time_intervals + items: + type: string + type: array + continue: + description: |- + Continue indicating whether an alert should continue matching subsequent + sibling nodes. It will always be true for the first-level route if disableRouteContinueEnforce for vmalertmanager not set. + type: boolean + group_by: + description: List of labels to group by. + items: + type: string + type: array + group_interval: + description: How long to wait before sending an updated notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + group_wait: + description: How long to wait before sending the initial notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + matchers: + description: |- + List of matchers that the alert’s labels should match. For the first + level route, the operator adds a namespace: "CRD_NS" matcher. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + mute_time_intervals: + description: MuteTimeIntervals is a list of interval names that + will mute matched alert + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. + type: string + repeat_interval: + description: How long to wait before repeating the last notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + routes: + description: |- + Child routes. + https://prometheus.io/docs/alerting/latest/configuration/#route + items: + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - receiver + type: object + time_intervals: + description: |- + TimeIntervals defines named interval for active/mute notifications interval + See https://prometheus.io/docs/alerting/latest/configuration/#time_interval + items: + description: TimeIntervals for alerts + properties: + name: + description: Name of interval + type: string + time_intervals: + description: TimeIntervals interval configuration + items: + description: TimeInterval defines intervals of time + properties: + days_of_month: + description: |- + DayOfMonth defines list of numerical days in the month. Days begin at 1. Negative values are also accepted. + for example, ['1:5', '-3:-1'] + items: + type: string + type: array + location: + description: Location in golang time location form, e.g. + UTC + type: string + months: + description: |- + Months defines list of calendar months identified by a case-insensitive name (e.g. ‘January’) or numeric 1. + For example, ['1:3', 'may:august', 'december'] + items: + type: string + type: array + times: + description: Times defines time range for mute + items: + description: TimeRange ranges inclusive of the starting + time and exclusive of the end time + properties: + end_time: + description: EndTime for example HH:MM + type: string + start_time: + description: StartTime for example HH:MM + type: string + required: + - end_time + - start_time + type: object + type: array + weekdays: + description: Weekdays defines list of days of the week, + where the week begins on Sunday and ends on Saturday. + items: + type: string + type: array + years: + description: |- + Years defines numerical list of years, ranges are accepted. + For example, ['2020:2022', '2030'] + items: + type: string + type: array + type: object + type: array + required: + - name + - time_intervals + type: object + type: array + required: + - receivers + - route + type: object + status: + description: VMAlertmanagerConfigStatus defines the observed state of + VMAlertmanagerConfig + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastErrorParentAlertmanagerName: + type: string + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanager + listKind: VMAlertmanagerList + plural: vmalertmanagers + shortNames: + - vma + singular: vmalertmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current update status + jsonPath: .status.updateStatus + name: Update Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanager represents Victoria-Metrics deployment for Alertmanager. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + Specification of the desired behavior of the VMAlertmanager cluster. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional + Alertmanagers to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + clusterAdvertiseAddress: + description: |- + ClusterAdvertiseAddress is the explicit address to advertise in cluster. + Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918 + type: string + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used to build pod peer addresses for in-cluster communication + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configNamespaceSelector: + description: |2- + ConfigNamespaceSelector defines namespace selector for VMAlertmanagerConfig. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for alertmanager, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAlertmanager object, which contains configuration for this VMAlertmanager, + configuration must be inside secret key: alertmanager.yaml. + It must be created by user. + instance. Defaults to 'vmalertmanager-' + The secret is mounted into /etc/alertmanager/config. + type: string + configSelector: + description: |- + ConfigSelector defines selector for VMAlertmanagerConfig, result config will be merged with with Raw or Secret config. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableNamespaceMatcher: + description: |- + DisableNamespaceMatcher disables top route namespace label matcher for VMAlertmanagerConfig + It may be useful if alert doesn't have namespace label for some reason + type: boolean + disableRouteContinueEnforce: + description: DisableRouteContinueEnforce cancel the behavior for VMAlertmanagerConfig + that always enforce first-level route continue to true + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedTopRouteMatchers: + description: |- + EnforcedTopRouteMatchers defines label matchers to be added for the top route + of VMAlertmanagerConfig + It allows to make some set of labels required for alerts. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + externalURL: + description: |- + ExternalURL the VMAlertmanager instances will be available under. This is + necessary to generate correct URLs. This is necessary if VMAlertmanager is not + served from root of a DNS name. + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + gossipConfig: + description: GossipConfig defines gossip TLS configuration for Alertmanager + cluster + properties: + tls_client_config: + description: TLSClientConfig defines client TLS configuration + for alertmanager + properties: + ca_file: + description: |- + CAFile defines path to the pre-mounted file with CA + mutually exclusive with CASecretRef + type: string + ca_secret_ref: + description: |- + CA defines reference for secret with CA content under given key + mutually exclusive with CAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecure_skip_verify: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + type: boolean + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + server_name: + description: ServerName indicates a name of a server + type: string + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + listenLocal: + description: |- + ListenLocal makes the VMAlertmanager server listen on loopback, so that it + does not bind against the Pod IP. Note this is only for the VMAlertmanager + UI, not the gossip communication. + type: boolean + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAlertmanager to be configured with. + enum: + - logfmt + - json + type: string + logLevel: + description: Log level for VMAlertmanager to be configured with. + enum: + - debug + - info + - warn + - error + - DEBUG + - INFO + - WARN + - ERROR + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the alertmanager pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + portName: + description: |- + PortName used for the pods and governing service. + This defaults to web + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retention: + description: |- + Retention Time duration VMAlertmanager shall retain data for. Default is '120h', + and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). + pattern: '[0-9]+(ms|s|m|h)' + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + routePrefix: + description: |- + RoutePrefix VMAlertmanager registers HTTP handlers for. This is useful, + if using ExternalURL and a proxy is rewriting HTTP routes of a request, + and the actual ExternalURL is still true, but the server serves requests + under a different route prefix. For example for use with `kubectl proxy`. + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ConfigSelector. + with selectAllByDefault: true and undefined ConfigSelector and ConfigNamespaceSelector + Operator selects all exist alertManagerConfigs + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalertmanager + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalertmanager service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMAlertmanager + instances. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + templates: + description: |- + Templates is a list of ConfigMap key references for ConfigMaps in the same namespace as the VMAlertmanager + object, which shall be mounted into the VMAlertmanager Pods. + The Templates are mounted into /etc/vm/templates//. + items: + description: ConfigMapKeyReference refers to a key in a ConfigMap. + properties: + key: + description: The ConfigMap key to refer to. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + webConfig: + description: |- + WebConfig defines configuration for webserver + https://github.com/prometheus/alertmanager/blob/main/docs/https.md + properties: + basic_auth_users: + additionalProperties: + type: string + description: |- + BasicAuthUsers Usernames and hashed passwords that have full access to the web server + Passwords must be hashed with bcrypt + type: object + http_server_config: + description: HTTPServerConfig defines http server configuration + for alertmanager web server + properties: + headers: + additionalProperties: + type: string + description: Headers defines list of headers that can be added + to HTTP responses. + type: object + http2: + description: |- + HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS. + This can not be changed on the fly. + type: boolean + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + type: object + status: + description: |- + Most recent observed status of the VMAlertmanager cluster. + Operator API itself. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalerts.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlert + listKind: VMAlertList + plural: vmalerts + singular: vmalert + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlert executes a list of given alerting or recording rules + against configured address. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAlertSpec defines the desired state of VMAlert + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + datasource: + description: Datasource Victoria Metrics or VMSelect url. Required + parameter. e.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: Victoria Metrics or VMSelect url. Required parameter. + E.g. http://127.0.0.1:8428 + type: string + required: + - url + type: object + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + evaluationInterval: + description: EvaluationInterval defines how often to evaluate rules + by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + externalLabels: + additionalProperties: + type: string + description: 'ExternalLabels in the form ''name: value'' to add to + all generated recording rules and alerts.' + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMAlert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMAlert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + notifier: + description: |- + Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + notifierConfigRef: + description: |- + NotifierConfigRef reference for secret with notifier configuration for vmalert + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + notifiers: + description: |- + Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + items: + description: VMAlertNotifierSpec defines the notifier url for sending + information about alerts + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + type: array + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAlert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + remoteRead: + description: |- + RemoteRead Optional URL to read vmalert state (persisted via RemoteWrite) + This configuration only makes sense if alerts state has been successfully + persisted (via RemoteWrite) before. + see -remoteRead.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + lookback: + description: |- + Lookback defines how far to look into past for alerts timeseries. For example, if lookback=1h then range from now() to now()-1h will be scanned. (default 1h0m0s) + Applied only to RemoteReadSpec + type: string + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + remoteWrite: + description: |- + RemoteWrite Optional URL to remote-write compatible storage to persist + vmalert state and rule results to. + Rule results will be persisted according to each rule. + Alerts state will be persisted in the form of time series named ALERTS and ALERTS_FOR_STATE + see -remoteWrite.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + concurrency: + description: Defines number of readers that concurrently write + into remote storage (default 1) + format: int32 + type: integer + flushInterval: + description: Defines interval of flushes to remote write endpoint + (default 5s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + maxBatchSize: + description: Defines defines max number of timeseries to be flushed + at once (default 1000) + format: int32 + type: integer + maxQueueSize: + description: Defines the max number of pending datapoints to remote + write endpoint (default 100000) + format: int32 + type: integer + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + ruleNamespaceSelector: + description: |- + RuleNamespaceSelector to be selected for VMRules discovery. + Works in combination with Selector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + rulePath: + description: |- + RulePath to the file with alert rules. + Supports patterns. Flag can be specified multiple times. + Examples: + -rule /path/to/file. Path to a single file with alerting rules + -rule dir/*.yaml -rule /*.yaml. Relative path to all .yaml files in folder, + absolute path to all .yaml files in root. + by default operator adds /etc/vmalert/configs/base/vmalert.yaml + items: + type: string + type: array + ruleSelector: + description: |- + RuleSelector selector to select which VMRules to mount for loading alerting + rules from. + Works in combination with NamespaceSelector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such RuleSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and RuleNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalert VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalert service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - datasource + type: object + status: + description: VMAlertStatus defines the observed state of VMAlert + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmanomalies.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAnomaly + listKind: VMAnomalyList + plural: vmanomalies + singular: vmanomaly + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VMAnomaly is the Schema for the vmanomalies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAnomalySpec defines the desired state of VMAnomaly. + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAnomaly + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for anomaly, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAnomaly object, which contains configuration for this VMAnomaly, + configuration must be inside secret key: anomaly.yaml. + It must be created by user. + instance. Defaults to 'vmanomaly-' + The secret is mounted into /etc/anomaly/config. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logLevel: + description: |- + LogLevel for VMAnomaly to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + monitoring: + description: |- + Monitoring configures how expose anomaly metrics + See https://docs.victoriametrics.com/anomaly-detection/components/monitoring/ + properties: + pull: + description: |- + VMAnomalyMonitoringPullSpec defines pull monitoring configuration + which is enabled by default and served at POD_IP:8490/metrics + properties: + addr: + description: Addr changes listen addr, default is 0.0.0.0 + type: string + port: + description: Port defines a port for metrics scrape + type: string + required: + - port + type: object + push: + description: |- + VMAnomalyMonitoringPushSpec defines metrics push configuration + + VMAnomaly uses prometheus text exposition format + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines a set of labels to attach + to the pushed metrics + type: object + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + pushFrequency: + description: PushFrequency defines push internval + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster + version only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: defines target url for push requests + type: string + required: + - url + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmanomaly pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + reader: + description: |- + Metrics source for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/reader/ + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + dataRange: + description: Optional argumentallows defining valid data ranges + for input of all the queries in queries + items: + type: string + type: array + datasourceURL: + description: |- + DatasourceURL address + datatasource must serve /api/v1/query and /api/v1/query_range APIs + type: string + extraFilters: + description: List of strings with series selector. + items: + type: string + type: array + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + latencyOffset: + description: It allows overriding the default -search.latencyOffsetflag + of VictoriaMetrics + type: string + maxPointsPerQuery: + description: Optional argoverrides how search.maxPointsPerTimeseries + flagimpacts vmanomaly on splitting long fitWindow queries into + smaller sub-intervals + type: integer + queryFromLastSeenTimestamp: + description: If True, then query will be performed from the last + seen timestamp for a given series. + type: boolean + queryRangePath: + description: Performs PromQL/MetricsQL range query + type: string + samplingPeriod: + description: Frequency of the points returned + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tz: + description: Optional argumentspecifies the IANA timezone to account + for local shifts, like DST, in models sensitive to seasonal + patterns + type: string + required: + - datasourceURL + - samplingPeriod + type: object + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmanomaly VMPodScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + shardCount: + description: |- + ShardCount - numbers of shards of VMAnomaly + in this case operator will use 1 sts per shard with + replicas count according to spec.replicas. + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + writer: + description: |- + Metrics destination for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/writer/ + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datasourceURL: + description: |- + DatasourceURL defines remote write url for write requests + provided endpoint must serve /api/v1/import path + vmanomaly joins datasourceURL + "/api/v1/import" + type: string + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + metricFormat: + description: Metrics to save the output (in metric names or labels) + properties: + __name__: + description: |- + Name of result metric + Must have a value with $VAR placeholder in it to distinguish between resulting metrics + type: string + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines additional labels to be added + to the resulting metrics + type: object + for: + description: For is a special label with $QUERY_KEY placeholder + type: string + required: + - __name__ + - for + type: object + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - datasourceURL + type: object + required: + - reader + - writer + type: object + status: + description: VMAnomalyStatus defines the observed state of VMAnomaly. + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + shards: + description: Shards represents total number of vmanomaly statefulsets + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmauths.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAuth + listKind: VMAuthList + plural: vmauths + singular: vmauth + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAuth is the Schema for the vmauths API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAuthSpec defines the desired state of VMAuth + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAuth object, which contains auth configuration for vmauth, + configuration must be inside secret key: config.yaml. + It must be created and managed manually. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + Deprecated: use externalConfig.secretRef instead + type: string + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + externalConfig: + description: |- + ExternalConfig defines a source of external VMAuth configuration. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + properties: + localPath: + description: |- + LocalPath contains static path to a config, which is managed externally for cases + when using secrets is not applicable, e.g.: Vault sidecar. + type: string + secretRef: + description: SecretRef defines selector for externally managed + secret which contains configuration + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingress: + description: Ingress enables ingress configuration for VMAuth. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + class_name: + description: ClassName defines ingress class name for VMAuth + type: string + extraRules: + description: |- + ExtraRules - additional rules for ingress, + must be checked for correctness by user. + items: + description: |- + IngressRule represents the rules mapping the paths under a specified host to + the related backend services. Incoming requests are first evaluated for a host + match, then routed to the backend associated with the matching IngressRuleValue. + properties: + host: + description: "host is the fully qualified domain name of + a network host, as defined by RFC 3986.\nNote the following + deviations from the \"host\" part of the\nURI as defined + in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue + can only apply to\n the IP in the Spec of the parent + Ingress.\n2. The `:` delimiter is not respected because + ports are not allowed.\n\t Currently the port of an Ingress + is implicitly :80 for http and\n\t :443 for https.\nBoth + these may change in the future.\nIncoming requests are + matched against the host before the\nIngressRuleValue. + If the host is unspecified, the Ingress routes all\ntraffic + based on the specified IngressRuleValue.\n\nhost can be + \"precise\" which is a domain name without the terminating + dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", + which is a domain name\nprefixed with a single wildcard + label (e.g. \"*.foo.com\").\nThe wildcard character '*' + must appear by itself as the first DNS label and\nmatches + only a single label. You cannot have a wildcard label + by itself (e.g. Host == \"*\").\nRequests will be matched + against the Host field in the following way:\n1. If host + is precise, the request matches this rule if the http + host header is equal to Host.\n2. If host is a wildcard, + then the request matches this rule if the http host header\nis + to equal to the suffix (removing the first label) of the + wildcard rule." + type: string + http: + description: |- + HTTPIngressRuleValue is a list of http selectors pointing to backends. + In the example: http:///? -> backend where + where parts of the url correspond to RFC 3986, this resource will be used + to match against everything after the last '/' and before the first '?' + or '#'. + properties: + paths: + description: paths is a collection of paths that map + requests to backends. + items: + description: |- + HTTPIngressPath associates a path with a backend. Incoming urls matching the + path are forwarded to the backend. + properties: + backend: + description: |- + backend defines the referenced service endpoint to which the traffic + will be forwarded to. + properties: + resource: + description: |- + resource is an ObjectRef to another Kubernetes resource in the namespace + of the Ingress object. If resource is specified, a service.Name and + service.Port must not be specified. + This is a mutually exclusive setting with "Service". + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: |- + service references a service as a backend. + This is a mutually exclusive setting with "Resource". + properties: + name: + description: |- + name is the referenced service. The service must exist in + the same namespace as the Ingress object. + type: string + port: + description: |- + port of the referenced service. A port name or port number + is required for a IngressServiceBackend. + properties: + name: + description: |- + name is the name of the port on the Service. + This is a mutually exclusive setting with "Number". + type: string + number: + description: |- + number is the numerical port number (e.g. 80) on the Service. + This is a mutually exclusive setting with "Name". + format: int32 + type: integer + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + type: object + path: + description: |- + path is matched against the path of an incoming request. Currently it can + contain characters disallowed from the conventional "path" part of a URL + as defined by RFC 3986. Paths must begin with a '/' and must be present + when using PathType with value "Exact" or "Prefix". + type: string + pathType: + description: |- + pathType determines the interpretation of the path matching. PathType can + be one of the following values: + * Exact: Matches the URL path exactly. + * Prefix: Matches based on a URL path prefix split by '/'. Matching is + done on a path element by element basis. A path element refers is the + list of labels in the path split by the '/' separator. A request is a + match for path p if every p is an element-wise prefix of p of the + request path. Note that if the last element of the path is a substring + of the last element in request path, it is not a match (e.g. /foo/bar + matches /foo/bar/baz, but does not match /foo/barbaz). + * ImplementationSpecific: Interpretation of the Path matching is up to + the IngressClass. Implementations can treat this as a separate PathType + or treat it identically to Prefix or Exact path types. + Implementations are required to support all path types. + type: string + required: + - backend + - pathType + type: object + type: array + x-kubernetes-list-type: atomic + required: + - paths + type: object + type: object + type: array + extraTls: + description: |- + ExtraTLS - additional TLS configuration for ingress + must be checked for correctness by user. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: |- + hosts is a list of hosts included in the TLS certificate. The values in + this list must match the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller fulfilling this + Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: |- + secretName is the name of the secret used to terminate TLS traffic on + port 443. Field is left optional to allow TLS routing based on SNI + hostname alone. If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + host: + description: |- + Host defines ingress host parameter for default rule + It will be used, only if TlsHosts is empty + type: string + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + tlsHosts: + description: TlsHosts configures TLS access for ingress, tlsSecretName + must be defined for it. + items: + type: string + type: array + tlsSecretName: + description: |- + TlsSecretName defines secretname at the VMAuth namespace with cert and key + https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + type: string + type: object + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + internalListenPort: + description: |- + InternalListenPort instructs vmauth to serve internal routes at given port + available from v0.56.0 operator + and v1.111.0 vmauth version + related doc https://docs.victoriametrics.com/vmauth/#security + type: string + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAuth to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAuth pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such userSelector. + with selectAllByDefault: true and empty userSelector and userNamespaceSelector + Operator selects all exist users + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmauth VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + unauthorizedAccessConfig: + description: |- + UnauthorizedAccessConfig configures access for un authorized users + + Deprecated: use unauthorizedUserAccessSpec instead + will be removed at v1.0 release + x-kubernetes-preserve-unknown-fields: true + unauthorizedUserAccessSpec: + description: UnauthorizedUserAccessSpec defines unauthorized_user + config section of vmauth config + properties: + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend + connection + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url_map: + items: + description: |- + UnauthorizedAccessConfigURLMap defines element of url_map routing configuration + For UnauthorizedAccessConfig and VMAuthUnauthorizedUserAccessSpec.URLMap + properties: + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, + which must match request headers. + items: + type: string + type: array + src_hosts: + description: SrcHosts is an optional list of regular expressions, + which must match the request hostname. + items: + type: string + type: array + src_paths: + description: SrcPaths is an optional list of regular expressions, + which must match the request path. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + url_prefix: + description: |- + UrlPrefix contains backend url prefixes for the proxied request url. + URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + url_prefix: + description: URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useProxyProtocol: + description: |- + UseProxyProtocol enables proxy protocol for vmauth + https://www.haproxy.org/download/2.3/doc/proxy-protocol.txt + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + userNamespaceSelector: + description: |- + UserNamespaceSelector Namespaces to be selected for VMAuth discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAuth namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + userSelector: + description: |- + UserSelector defines VMUser to be selected for config file generation. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAuth namespace. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAuthStatus defines the observed state of VMAuth + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMCluster + listKind: VMClusterList + plural: vmclusters + singular: vmcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VMInsert + jsonPath: .spec.vminsert.replicaCount + name: Insert Count + type: string + - description: replicas of VMStorage + jsonPath: .spec.vmstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VMSelect + jsonPath: .spec.vmselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMCluster is fast, cost-effective and scalable time-series database. + Cluster version with + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMClusterSpec defines the desired state of VMCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vminsert and vmselect to build vmstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + replicationFactor: + description: |- + ReplicationFactor defines how many copies of data make among + distinct storage nodes + format: int32 + type: integer + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vminsert and vmselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + See more [here](https://docs.victoriametrics.com/operator/resources/vmcluster/#requests-load-balancing) + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VMSelect, VMStorage and VMInsert Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vminsert: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/Cluster-VictoriaMetrics#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: HPA defines kubernetes PodAutoScaling configuration + version 2. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMInsert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMInsert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMInsert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vminsert + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vminsert service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmselect: + description: VMSelect defines configuration section for vmselect components + of the victoria-metrics cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + cacheMountPath: + description: |- + CacheMountPath allows to add cache persistent for VMSelect, + will use "/cache" as default if not specified. + type: string + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + type: array + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/Cluster-VictoriaMetrics#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: |- + Configures horizontal pod autoscaling. + Note, enabling this option disables vmselect to vmselect communication. In most cases it's not an issue. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolume: + description: |- + Storage - add persistent volume for cacheMountPath + its useful for persistent cache + use storage instead of persistentVolume. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + StorageSpec - add persistent volume claim for cacheMountPath + its needed for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant + to an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller + with a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing + the volume but further resizing of\n\t\tvolume is + needed on the node.\n\t- NodeResizeInProgress:\n\t\tState + set when kubelet starts resizing the volume.\n\t- + NodeResizeFailed:\n\t\tState set when resizing has + failed in kubelet with a terminal error. Transient + errors don't set\n\t\tNodeResizeFailed.\nFor example: + if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress + for the given PVC.\n\nA controller that receives + PVC update with previously unknown resourceName + or ClaimResourceStatus\nshould ignore the update + for the purpose it was designed. For example - a + controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with + PVC.\n\nThis is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nCapacity reported + here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used.\nIf allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation.\nIf a volume expansion capacity + request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress + and if the actual volume capacity\nis equal or lower + than the requested capacity.\n\nA controller that + receives PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. + For example - a controller that\nonly is responsible + for resizing capacity of the volume, should ignore + PVC updates that change other valid\nresources associated + with PVC.\n\nThis is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, + such as\n the specified VolumeAttributesClass + not existing.\n - InProgress\n InProgress + indicates that the volume is being modified.\n + - Infeasible\n Infeasible indicates that the + request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid + VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is + the name of the VolumeAttributesClass the PVC + currently being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of + PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmstorage: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMStorage to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmstorage + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be create additional service + for vmstorage + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage - add persistent volume for StorageDataPath + its useful for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher + concurrency may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible + storages (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default + false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + + it's repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/vmbackupmanager#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore + on pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot + create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot + delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + vmInsertPort: + description: VMInsertPort for VMInsert connections + type: string + vmSelectPort: + description: VMSelectPort for VMSelect connections + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VMClusterStatus defines the observed state of VMCluster + properties: + clusterStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmnodescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMNodeScrape + listKind: VMNodeScrapeList + plural: vmnodescrapes + singular: vmnodescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMNodeScrape defines discovery for targets placed on kubernetes nodes, + usually its node-exporters and other host services. + InternalIP is used as __address__ for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMNodeScrapeSpec defines specification for VMNodeScrape. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobLabel: + description: The label to use to retrieve the job name from. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Node. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + selector: + description: Selector to select kubernetes Nodes. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Node + onto the target. + items: + type: string + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmpodscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMPodScrape + listKind: VMPodScrapeList + plural: vmpodscrapes + singular: vmpodscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMPodScrape is scrape configuration for pods, + it generates vmagent's config for scraping pod targets + based on selectors. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMPodScrapeSpec defines the desired state of VMPodScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of + a Kubernetes Pod serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filterRunning: + description: |- + FilterRunning applies filter with pod status == running + it prevents from scrapping metrics at failed or succeed state pods. + enabled by default + type: boolean + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Pod. + type: string + portNumber: + description: PortNumber defines the `Pod` port number which + exposes the endpoint. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort defines name or number of the pod port this endpoint refers to. + Mutually exclusive with Port and PortNumber. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + required: + - podMetricsEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmprobes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMProbe + listKind: VMProbeList + plural: vmprobes + singular: vmprobe + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMProbe defines a probe for targets, that will be executed with prober, + like blackbox exporter. + It helps to monitor reachability of target with various checks. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMProbeSpec contains specification parameters for a Probe. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + module: + description: |- + The module to use for probing specifying how to probe the target. + Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml + type: string + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets defines a set of static and/or dynamically discovered + targets to be probed using the prober. + properties: + ingress: + description: Ingress defines the set of dynamically discovered + ingress objects which hosts are considered for probing. + properties: + namespaceSelector: + description: Select Ingress objects by namespace. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Select Ingress objects by labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + staticConfig: + description: StaticConfig defines static targets which are considers + for probing. + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + targets: + description: Targets is a list of URLs to probe using the + configured prober. + items: + type: string + type: array + required: + - targets + type: object + type: object + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + vmProberSpec: + description: |- + Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if left empty. + properties: + path: + description: |- + Path to collect metrics from. + Defaults to `/probe`. + type: string + scheme: + description: |- + HTTP scheme to use for scraping. + Defaults to `http`. + enum: + - http + - https + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + required: + - vmProberSpec + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmrules.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMRule + listKind: VMRuleList + plural: vmrules + singular: vmrule + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMRule defines rule records for vmalert application + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMRuleSpec defines the desired state of VMRule + properties: + groups: + description: Groups list of group rules + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + concurrency: + description: Concurrency defines how many rules execute at once. + type: integer + eval_alignment: + description: |- + Optional + The evaluation timestamp will be aligned with group's interval, + instead of using the actual timestamp that evaluation happens at. + It is enabled by default to get more predictable results + and to visually align with graphs plotted via Grafana or vmui. + type: boolean + eval_delay: + description: |- + Optional + Adjust the `time` parameter of group evaluation requests to compensate intentional query delay from the datasource. + type: string + eval_offset: + description: |- + Optional + Group will be evaluated at the exact offset in the range of [0...interval]. + type: string + extra_filter_labels: + additionalProperties: + type: string + description: |- + ExtraFilterLabels optional list of label filters applied to every rule's + request within a group. Is compatible only with VM datasource. + See more details [here](https://docs.victoriametrics.com/#prometheus-querying-api-enhancements) + Deprecated: use params instead + type: object + headers: + description: |- + Headers contains optional HTTP headers added to each rule request + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + interval: + description: evaluation interval for group + type: string + labels: + additionalProperties: + type: string + description: |- + Labels optional list of labels added to every rule within a group. + It has priority over the external labels. + Labels are commonly used for adding environment + or tenant-specific tag. + type: object + limit: + description: |- + Limit the number of alerts an alerting rule and series a recording + rule can produce + type: integer + name: + description: Name of group + type: string + notifier_headers: + description: |- + NotifierHeaders contains optional HTTP headers added to each alert request which will send to notifier + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Params optional HTTP URL parameters added to each + rule request + type: object + rules: + description: Rules list of alert rules + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + description: Alert is a name for alert + type: string + annotations: + additionalProperties: + type: string + description: Annotations will be added to rule configuration + type: object + debug: + description: |- + Debug enables logging for rule + it useful for tracking + type: boolean + expr: + description: Expr is query, that will be evaluated at + dataSource + type: string + for: + description: |- + For evaluation interval in time.Duration format + 30s, 1m, 1h or nanoseconds + type: string + keep_firing_for: + description: |- + KeepFiringFor will make alert continue firing for this long + even when the alerting expression no longer has results. + Use time.Duration format, 30s, 1m, 1h or nanoseconds + type: string + labels: + additionalProperties: + type: string + description: Labels will be added to rule configuration + type: object + record: + description: Record represents a query, that will be recorded + to dataSource + type: string + update_entries_limit: + description: |- + UpdateEntriesLimit defines max number of rule's state updates stored in memory. + Overrides `-rule.updateEntriesLimit` in vmalert. + type: integer + type: object + type: array + tenant: + description: |- + Tenant id for group, can be used only with enterprise version of vmalert. + See more details [here](https://docs.victoriametrics.com/vmalert#multitenancy). + type: string + type: + description: |- + Type defines datasource type for enterprise version of vmalert + possible values - prometheus,graphite,vlogs + type: string + required: + - name + - rules + type: object + type: array + required: + - groups + type: object + status: + description: VMRuleStatus defines the observed state of VMRule + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmscrapeconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMScrapeConfig + listKind: VMScrapeConfigList + plural: vmscrapeconfigs + singular: vmscrapeconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMScrapeConfig specifies a set of targets and parameters describing + how to scrape them. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMScrapeConfigSpec defines the desired state of VMScrapeConfig + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + azureSDConfigs: + description: AzureSDConfigs defines a list of Azure service discovery + configurations. + items: + description: |- + AzureSDConfig allow retrieving scrape targets from Azure VMs. + See [here](https://docs.victoriametrics.com/sd_configs#azure_sd_configs) + properties: + authenticationMethod: + description: |- + # The authentication method, either OAuth or ManagedIdentity. + See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview + enum: + - OAuth + - ManagedIdentity + type: string + clientID: + description: Optional client ID. Only required with the OAuth + authentication method. + type: string + clientSecret: + description: Optional client secret. Only required with the + OAuth authentication method. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + environment: + description: The Azure environment. + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + resourceGroup: + description: Optional resource group name. Limits discovery + to this resource group. + type: string + subscriptionID: + description: The subscription ID. Always required. + minLength: 1 + type: string + tenantID: + description: Optional tenant ID. Only required with the OAuth + authentication method. + type: string + required: + - subscriptionID + type: object + type: array + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + consulSDConfigs: + description: ConsulSDConfigs defines a list of Consul service discovery + configurations. + items: + description: |- + ConsulSDConfig defines a Consul service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs/#consul_sd_configs) + properties: + allowStale: + description: |- + Allow stale Consul results (see https://developer.hashicorp.com/consul/api-docs/features/consistency ). Will reduce load on Consul. + If unset, use its default value. + type: boolean + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datacenter: + description: Consul Datacenter name, if not provided it will + use the local Consul Agent Datacenter. + type: string + filter: + description: |- + Filter defines filter for /v1/catalog/services requests + See https://developer.hashicorp.com/consul/api-docs/features/filtering + type: string + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + If unset, use its default value. + type: boolean + namespace: + description: Namespaces are only supported in Consul Enterprise. + type: string + nodeMeta: + additionalProperties: + type: string + description: Node metadata key/value pairs to filter nodes for + a given service. + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + partition: + description: Admin Partitions are only supported in Consul Enterprise. + type: string + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP Scheme default "http" + enum: + - HTTP + - HTTPS + type: string + server: + description: A valid string consisting of a hostname or IP followed + by an optional port number. + minLength: 1 + type: string + services: + description: A list of services for which targets are retrieved. + If omitted, all services are scraped. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tagSeparator: + description: |- + The string by which Consul tags are joined into the tag label. + If unset, use its default value. + type: string + tags: + description: An optional list of tags used to filter nodes for + a given service. Services must contain all tags in the list. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: Consul ACL TokenRef, if not provided it will use + the ACL from the local Consul Agent. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - server + type: object + type: array + digitalOceanSDConfigs: + description: DigitalOceanSDConfigs defines a list of DigitalOcean + service discovery configurations. + items: + description: |- + DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. + This service discovery uses the public IPv4 address by default, by that can be changed with relabeling. + See [here](https://docs.victoriametrics.com/sd_configs#digitalocean_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + port: + description: The port to scrape metrics from. + type: integer + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + dnsSDConfigs: + description: DNSSDConfigs defines a list of DNS service discovery + configurations. + items: + description: |- + DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. + The DNS servers to be contacted are read from /etc/resolv.conf. + See [here](https://docs.victoriametrics.com/sd_configs#dns_sd_configs) + properties: + names: + description: A list of DNS domain names to be queried. + items: + type: string + minItems: 1 + type: array + port: + description: |- + The port number used if the query type is not SRV + Ignored for SRV records + type: integer + type: + enum: + - SRV + - A + - AAAA + - MX + type: string + required: + - names + type: object + type: array + ec2SDConfigs: + description: EC2SDConfigs defines a list of EC2 service discovery + configurations. + items: + description: |- + EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. + The private IP address is used by default, but may be changed to the public IP address with relabeling. + The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets. + See [here](https://docs.victoriametrics.com/sd_configs#ec2_sd_configs) + properties: + accessKey: + description: AccessKey is the AWS API key. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filters: + description: |- + Filters can be used optionally to filter the instance list by other criteria. + Available filter criteria can be found here: + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html + items: + description: EC2Filter is the configuration for filtering + EC2 instances. + properties: + name: + type: string + values: + items: + type: string + type: array + required: + - name + - values + type: object + type: array + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + region: + description: The AWS region + type: string + roleARN: + description: AWS Role ARN, an alternative to using AWS API keys. + type: string + secretKey: + description: SecretKey is the AWS API secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + fileSDConfigs: + description: FileSDConfigs defines a list of file service discovery + configurations. + items: + description: |- + FileSDConfig defines a file service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs#file_sd_configs) + properties: + files: + description: List of files to be used for file discovery. + items: + type: string + minItems: 1 + type: array + required: + - files + type: object + type: array + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + gceSDConfigs: + description: GCESDConfigs defines a list of GCE service discovery + configurations. + items: + description: |- + GCESDConfig configures scrape targets from GCP GCE instances. + The private IP address is used by default, but may be changed to + the public IP address with relabeling. + See [here](https://docs.victoriametrics.com/sd_configs#gce_sd_configs) + + The GCE service discovery will load the Google Cloud credentials + from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. + See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform + properties: + filter: + description: |- + Filter can be used optionally to filter the instance list by other criteria + Syntax of this filter is described in the filter query parameter section: + https://cloud.google.com/compute/docs/reference/latest/instances/list + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + project: + description: The Google Cloud Project ID + minLength: 1 + type: string + tagSeparator: + description: The tag separator is used to separate the tags + on concatenation + type: string + zone: + description: The zone of the scrape targets. If you need multiple + zones use multiple GCESDConfigs. + x-kubernetes-preserve-unknown-fields: true + required: + - project + - zone + type: object + type: array + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + httpSDConfigs: + description: HTTPSDConfigs defines a list of HTTP service discovery + configurations. + items: + description: |- + HTTPSDConfig defines a HTTP service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs#http_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL from which the targets are fetched. + minLength: 1 + pattern: ^http(s)?://.+$ + type: string + required: + - url + type: object + type: array + interval: + description: Interval at which metrics should be scraped + type: string + kubernetesSDConfigs: + description: KubernetesSDConfigs defines a list of Kubernetes service + discovery configurations. + items: + description: |- + KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. + See [here](https://docs.victoriametrics.com/sd_configs#kubernetes_sd_configs) + properties: + apiServer: + description: |- + The API server address consisting of a hostname or IP address followed + by an optional port number. + If left empty, assuming process is running inside + of the cluster. It will discover API servers automatically and use the pod's + CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + type: string + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + namespaces: + description: Optional namespace discovery. If omitted, discover + targets across all namespaces. + properties: + names: + description: |- + List of namespaces where to watch for resources. + If empty and `ownNamespace` isn't true, watch for resources in all namespaces. + items: + type: string + type: array + ownNamespace: + description: Includes the namespace in which the pod exists + to the list of watched namespaces. + type: boolean + type: object + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + role: + description: Role of the Kubernetes entities that should be + discovered. + type: string + selectors: + description: Selector to select objects. + items: + description: K8SSelectorConfig is Kubernetes Selector Config + properties: + field: + type: string + label: + type: string + role: + type: string + required: + - role + type: object + type: array + x-kubernetes-list-map-keys: + - role + x-kubernetes-list-type: map + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - role + type: object + type: array + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + openstackSDConfigs: + description: OpenStackSDConfigs defines a list of OpenStack service + discovery configurations. + items: + description: |- + OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. + See [here](https://docs.victoriametrics.com/sd_configs#openstack_sd_configs) + properties: + allTenants: + description: |- + Whether the service discovery should list all instances for all projects. + It is only relevant for the 'instance' role and usually requires admin permissions. + type: boolean + applicationCredentialId: + description: ApplicationCredentialID + type: string + applicationCredentialName: + description: |- + The ApplicationCredentialID or ApplicationCredentialName fields are + required if using an application credential to authenticate. Some providers + allow you to create an application credential to authenticate rather than a + password. + type: string + applicationCredentialSecret: + description: |- + The applicationCredentialSecret field is required if using an application + credential to authenticate. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + availability: + description: Availability of the endpoint to connect to. + enum: + - Public + - public + - Admin + - admin + - Internal + - internal + type: string + domainID: + description: DomainID + type: string + domainName: + description: |- + At most one of domainId and domainName must be provided if using username + with Identity V3. Otherwise, either are optional. + type: string + identityEndpoint: + description: |- + IdentityEndpoint specifies the HTTP endpoint that is required to work with + the Identity API of the appropriate version. + type: string + password: + description: |- + Password for the Identity V2 and V3 APIs. Consult with your provider's + control panel to discover your account's preferred method of authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + projectID: + description: ' ProjectID' + type: string + projectName: + description: |- + The ProjectId and ProjectName fields are optional for the Identity V2 API. + Some providers allow you to specify a ProjectName instead of the ProjectId. + Some require both. Your provider's authentication policies will determine + how these fields influence authentication. + type: string + region: + description: The OpenStack Region. + minLength: 1 + type: string + role: + description: The OpenStack role of entities that should be discovered. + enum: + - Instance + - instance + - Hypervisor + - hypervisor + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + userid: + description: UserID + type: string + username: + description: |- + Username is required if using Identity V2 API. Consult with your provider's + control panel to discover your account's username. + In Identity V3, either userid or a combination of username + and domainId or domainName are needed + type: string + required: + - region + - role + type: object + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + staticConfigs: + description: StaticConfigs defines a list of static targets with a + common label set. + items: + description: |- + StaticConfig defines a static configuration. + See [here](https://docs.victoriametrics.com/sd_configs#static_configs) + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + x-kubernetes-map-type: atomic + targets: + description: List of targets for this static configuration. + items: + type: string + type: array + type: object + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmservicescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMServiceScrape + listKind: VMServiceScrapeList + plural: vmservicescrapes + singular: vmservicescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMServiceScrape is scrape configuration for endpoints associated with + kubernetes service, + it generates scrape configuration for vmagent based on selectors. + result config will scrape service endpoints + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMServiceScrapeSpec defines the desired state of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + discoveryRole: + description: |- + DiscoveryRole - defines kubernetes_sd role for objects discovery. + by default, its endpoints. + can be changed to service or endpointslices. + note, that with service setting, you have to use port: "name" + and cannot use targetPort for endpoints. + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part of this ServiceScrape. + items: + description: Endpoint defines a scrapeable endpoint serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Service. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort + Name or number of the pod port this endpoint refers to. Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects by corresponding + Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMSingle + listKind: VMSingleList + plural: vmsingles + singular: vmsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of single node update process + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMSingle is fast, cost-effective and scalable time-series database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMSingleSpec defines the desired state of VMSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMSingle to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + removePvcAfterDelete: + description: |- + RemovePvcAfterDelete - if true, controller adds ownership to pvc + and after VMSingle object deletion - pvc will be garbage collected + by controller manager + type: boolean + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMSingle + by default it`s empty dir + this option is ignored if storageDataPath is set + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath, + its users responsibility to mount proper device into given path. + It requires to provide spec.volumes and spec.volumeMounts with at least 1 value + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vmsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMSingle + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher concurrency + may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible storages + (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/vmbackupmanager#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore on + pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VMSingleStatus defines the observed state of VMSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + singleStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmstaticscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMStaticScrape + listKind: VMStaticScrapeList + plural: vmstaticscrapes + singular: vmstaticscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMStaticScrape defines static targets configuration for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMStaticScrapeSpec defines the desired state of VMStaticScrape. + properties: + jobName: + description: JobName name of job. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetEndpoints: + description: A list of target endpoints to scrape metrics from. + items: + description: TargetEndpoint defines single static target endpoint. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + labels: + additionalProperties: + type: string + description: Labels static labels for targets. + type: object + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets static targets addresses in form of ["192.122.55.55:9100","some-name:9100"]. + items: + type: string + minItems: 1 + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + required: + - targets + type: object + type: array + required: + - targetEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmusers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMUser + listKind: VMUserList + plural: vmusers + singular: vmuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMUser is the Schema for the vmusers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMUserSpec defines the desired state of VMUser + properties: + bearerToken: + description: BearerToken Authorization header value for accessing + protected endpoint. + type: string + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + disable_secret_creation: + description: DisableSecretCreation skips related secret creation for + vmuser + type: boolean + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix backend + IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + generatePassword: + description: |- + GeneratePassword instructs operator to generate password for user + if spec.password if empty. + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + name: + description: Name of the VMUser object. + type: string + password: + description: Password basic auth password for accessing protected + endpoint. + type: string + passwordRef: + description: PasswordRef allows fetching password from user-create + secret by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + targetRefs: + description: TargetRefs - reference to endpoints, which user may access. + items: + description: |- + TargetRef describes target for user traffic forwarding. + one of target types can be chosen: + crd or static per targetRef. + user can define multiple targetRefs with different ref Types. + properties: + crd: + description: |- + CRD describes exist operator's CRD object, + operator generates access url based on CRD params. + properties: + kind: + description: |- + Kind one of: + VMAgent,VMAlert, VMSingle, VMCluster/vmselect, VMCluster/vmstorage,VMCluster/vminsert or VMAlertManager + enum: + - VMAgent + - VMAlert + - VMSingle + - VLogs + - VMAlertManager + - VMAlertmanager + - VMCluster/vmselect + - VMCluster/vmstorage + - VMCluster/vminsert + type: string + name: + description: Name target CRD object name + type: string + namespace: + description: Namespace target CRD object namespace. + type: string + required: + - kind + - name + - namespace + type: object + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + hosts: + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + paths: + description: Paths - matched path to route. + items: + type: string + type: array + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, which + must match request headers. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + static: + description: |- + Static - user defined url for traffic forward, + for instance http://vmsingle:8429 + properties: + url: + description: URL http url for given staticRef. + type: string + urls: + description: URLs allows setting multiple urls for load-balancing + at vmauth-side. + items: + type: string + type: array + type: object + target_path_suffix: + description: |- + TargetPathSuffix allows to add some suffix to the target path + It allows to hide tenant configuration from user with crd as ref. + it also may contain any url encoded params. + type: string + targetRefBasicAuth: + description: TargetRefBasicAuth allow an target endpoint to + authenticate over basic authentication + properties: + password: + description: |- + The secret in the service scrape namespace that contains the password + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + The secret in the service scrape namespace that contains the username + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - password + - username + type: object + type: object + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend connection + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: TokenRef allows fetching token from user-created secrets + by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + UserName basic auth user name for accessing protected endpoint, + will be replaced with metadata.name of VMUser if omitted. + type: string + required: + - targetRefs + type: object + status: + description: VMUserStatus defines the observed state of VMUser + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/values.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/crds/values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/.helmignore b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/.helmignore new file mode 100644 index 0000000..2ccbd54 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +*.md +*.md.gotmpl diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.lock b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.lock new file mode 100644 index 0000000..7d366f4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2024-11-13T12:10:17.363248379Z" diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.yaml new file mode 100644 index 0000000..a90e9d6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/Chart.yaml @@ -0,0 +1,28 @@ +annotations: + artifacthub.io/category: monitoring-logging + artifacthub.io/changes: | + - Support custom case for list empty argument. + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Sources + url: https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-common + - name: Charts repo + url: https://victoriametrics.github.io/helm-charts/ +apiVersion: v2 +description: Victoria Metrics Common - contains shared templates for all Victoria + Metrics helm charts +keywords: +- victoriametrics +- monitoring +- kubernetes +- observability +- tsdb +- metrics +- metricsql +- timeseries +kubeVersion: '>=1.23.0-0' +name: victoria-metrics-common +sources: +- https://github.com/VictoriaMetrics/helm-charts +type: library +version: 0.0.42 diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/RELEASE_NOTES b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/RELEASE_NOTES new file mode 100644 index 0000000..6de533d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/RELEASE_NOTES @@ -0,0 +1,7 @@ +# Release notes for version 0.0.42 + +**Release date:** 19 Mar 2025 + +![Helm: v3](https://img.shields.io/badge/Helm-v3.14%2B-informational?color=informational&logo=helm&link=https%3A%2F%2Fgithub.com%2Fhelm%2Fhelm%2Freleases%2Ftag%2Fv3.14.0) + +- Support custom case for list empty argument. diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_enterprise.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_enterprise.tpl new file mode 100644 index 0000000..1890e49 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_enterprise.tpl @@ -0,0 +1,87 @@ +{{- define "vm.license.secret.key" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $plain := (($Values.license).secret).key | default ((($Values.global).license).secret).key -}} + {{- $managed := (($Values.license).keyRef).key | default ((($Values.global).license).keyRef).key }} + {{- if $plain -}} + {{- $plain -}} + {{- else if $managed -}} + {{- $managed -}} + {{- end -}} +{{- end -}} + +{{- define "vm.license.secret.name" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $plain := (($Values.license).secret).name | default ((($Values.global).license).secret).name -}} + {{- $managed := (($Values.license).keyRef).name | default ((($Values.global).license).keyRef).name -}} + {{- if $plain -}} + {{- $plain -}} + {{- else if $managed -}} + {{- $managed -}} + {{- end -}} +{{- end -}} + +{{- define "vm.license.key" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- ($Values.license).key | default (($Values.global).license).key | default "" -}} +{{- end -}} + +{{- define "vm.enterprise.disabled" -}} + {{- $licenseKey := (include "vm.license.key" .) -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- or .noEnterprise (and (empty $licenseKey) (and (empty $licenseSecretName) (empty $licenseSecretKey))) -}} +{{- end -}} + +{{- define "vm.enterprise.only" -}} + {{- if eq (include "vm.enterprise.disabled" .) "true" }} + {{ fail `Pass valid license at .Values.license or .Values.global.license if you have an enterprise license for running this software. + See https://victoriametrics.com/legal/esa/ for details. + Documentation - https://docs.victoriametrics.com/enterprise + for more information, visit https://victoriametrics.com/products/enterprise/ + To request a trial license, go to https://victoriametrics.com/products/enterprise/trial/` }} + {{- end -}} +{{- end -}} + +{{/* +Return license volume mount +*/}} +{{- define "vm.license.volume" -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if and $licenseSecretName $licenseSecretKey -}} +- name: license-key + secret: + secretName: {{ $licenseSecretName }} + {{- end -}} +{{- end -}} + +{{/* +Return license volume mount for container +*/}} +{{- define "vm.license.mount" -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if and $licenseSecretName $licenseSecretKey -}} +- name: license-key + mountPath: /etc/vm-license-key + readOnly: true + {{- end -}} +{{- end -}} + +{{/* +Return license flag if necessary. +*/}} +{{- define "vm.license.flag" -}} + {{- $licenseKey := (include "vm.license.key" .) -}} + {{- $licenseSecretKey := (include "vm.license.secret.key" .) -}} + {{- $licenseSecretName := (include "vm.license.secret.name" .) -}} + {{- if $licenseKey -}} + license: {{ $licenseKey }} + {{- else if and $licenseSecretName $licenseSecretKey -}} + {{- $flagName := "licenseFile" -}} + {{- if eq .flagStyle "kebab" }} + {{- $flagName = "license-file" -}} + {{- end -}} + {{- $flagName }}: /etc/vm-license-key/{{ $licenseSecretKey }} + {{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_helpers.tpl new file mode 100644 index 0000000..7983440 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_helpers.tpl @@ -0,0 +1,239 @@ +{{- define "vm.namespace" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Values.namespaceOverride | default ($Values.global).namespaceOverride | default $Release.Namespace -}} +{{- end -}} + +{{- define "vm.validate.args" -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Capabilities := (.helm).Capabilities | default .Capabilities -}} + {{- if semverCompare "<3.14.0" $Capabilities.HelmVersion.Version }} + {{- fail "This chart requires helm version 3.14.0 or higher" }} + {{- end }} + {{- if empty $Chart -}} + {{- fail "invalid template data" -}} + {{- end -}} +{{- end -}} + +{{- /* Expand the name of the chart. */ -}} +{{- define "vm.name" -}} + {{- include "vm.validate.args" . -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $nameOverride := $Values.nameOverride | default ($Values.global).nameOverride | default $Chart.Name -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $nameOverride -}} + {{- else -}} + {{- $nameOverride | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- /* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/ -}} +{{- define "vm.fullname" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $fullname := "" -}} + {{- if $Values.fullnameOverride -}} + {{- $fullname = $Values.fullnameOverride -}} + {{- else if ($Values.global).fullnameOverride -}} + {{- $fullname = $Values.global.fullnameOverride -}} + {{- else -}} + {{- $name := default $Chart.Name $Values.nameOverride -}} + {{- if contains $name $Release.Name -}} + {{- $fullname = $Release.Name -}} + {{- else -}} + {{- $fullname = (printf "%s-%s" $Release.Name $name) }} + {{- end -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end }} + +{{- define "vm.cr.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.managed.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- end -}} + {{- with include "vm.internal.key.default" . -}} + {{- $prefix := ternary . (printf "vm%s" .) (or (hasPrefix "vm" .) (hasPrefix "vl" .)) -}} + {{- $fullname = printf "%s-%s" $prefix $fullname -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.plain.fullname" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $_ := set . "overrideKey" "fullnameOverride" -}} + {{- $fullname := include "vm.internal.key" . -}} + {{- $_ := unset . "overrideKey" -}} + {{- if empty $fullname -}} + {{- $fullname = include "vm.fullname" . -}} + {{- with include "vm.internal.key.default" . -}} + {{- $fullname = printf "%s-%s" $fullname . -}} + {{- end -}} + {{- end -}} + {{- $fullname = tpl $fullname . -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $fullname -}} + {{- else -}} + {{- $fullname | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.internal.key" -}} + {{- include "vm.validate.args" . -}} + {{- $overrideKey := .overrideKey | default "fullnameOverride" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $key := "" -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $ctx := . -}} + {{- $values := $Values -}} + {{- range $ak := $appKey }} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- if and (empty $values) (empty $ctx) -}} + {{- fail (printf "No data for appKey %s" (join "->" $appKey)) -}} + {{- end -}} + {{- if and (kindIs "map" $values) (index $values $overrideKey) -}} + {{- $key = index $values $overrideKey -}} + {{- else if and (kindIs "map" $ctx) (index $ctx $overrideKey) -}} + {{- $key = index $ctx $overrideKey -}} + {{- end -}} + {{- end }} + {{- if and (empty $key) .fallback -}} + {{- $key = include "vm.internal.key.default" . -}} + {{- end -}} + {{- end -}} + {{- $key -}} +{{- end -}} + +{{- define "vm.internal.key.default" -}} + {{- with .appKey -}} + {{- $key := ternary (list .) . (kindIs "string" .) -}} + {{- last (without $key "spec") -}} + {{- end -}} +{{- end -}} + +{{- /* Create chart name and version as used by the chart label. */ -}} +{{- define "vm.chart" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $chart := printf "%s-%s" $Chart.Name $Chart.Version | replace "+" "_" -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $chart -}} + {{- else -}} + {{- $chart | trunc 63 | trimSuffix "-" -}} + {{- end }} +{{- end }} + +{{- /* Create the name of the service account to use */ -}} +{{- define "vm.sa.name" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- if $Values.serviceAccount.create }} + {{- default (include "vm.fullname" .) $Values.serviceAccount.name }} + {{- else -}} + {{- default "default" $Values.serviceAccount.name -}} + {{- end }} +{{- end }} + +{{- define "vm.metaLabels" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $labels := .extraLabels | default dict -}} + {{- $_ := set $labels "helm.sh/chart" (include "vm.chart" .) -}} + {{- $_ := set $labels "app.kubernetes.io/managed-by" $Release.Service -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- define "vm.podLabels" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $labels := fromYaml (include "vm.selectorLabels" .) -}} + {{- $labels = mergeOverwrite $labels (.extraLabels | default dict) -}} + {{- $_ := set $labels "app.kubernetes.io/managed-by" $Release.Service -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- /* Common labels */ -}} +{{- define "vm.labels" -}} + {{- include "vm.validate.args" . -}} + {{- $labels := fromYaml (include "vm.selectorLabels" .) -}} + {{- $labels = mergeOverwrite $labels (fromYaml (include "vm.metaLabels" .)) -}} + {{- with (include "vm.image.tag" .) }} + {{- $_ := set $labels "app.kubernetes.io/version" (regexReplaceAll "(.*)(@sha.*)" . "${1}") -}} + {{- end -}} + {{- toYaml $labels -}} +{{- end -}} + +{{- define "vm.release" -}} + {{- include "vm.validate.args" . -}} + {{- $Release := (.helm).Release | default .Release -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $release := default $Release.Name $Values.argocdReleaseOverride -}} + {{- if or ($Values.global).disableNameTruncation $Values.disableNameTruncation -}} + {{- $release -}} + {{- else -}} + {{- $release | trunc 63 | trimSuffix "-" -}} + {{- end -}} +{{- end -}} + +{{- define "vm.app.name" -}} + {{- $_ := set . "overrideKey" "name" -}} + {{- $_ := set . "fallback" true -}} + {{- tpl (include "vm.internal.key" .) . -}} + {{- $_ := unset . "overrideKey" -}} + {{- $_ := unset . "fallback" -}} +{{- end -}} + +{{- /* Selector labels */ -}} +{{- define "vm.selectorLabels" -}} + {{- $labels := .extraLabels | default dict -}} + {{- $_ := set $labels "app.kubernetes.io/name" (include "vm.name" .) -}} + {{- $_ := set $labels "app.kubernetes.io/instance" (include "vm.release" .) -}} + {{- with (include "vm.app.name" .) -}} + {{- if eq $.style "managed" -}} + {{- $_ := set $labels "app.kubernetes.io/component" (printf "%s-%s" (include "vm.name" $) .) -}} + {{- else -}} + {{- $_ := set $labels "app" . -}} + {{- end -}} + {{- end -}} + {{- toYaml $labels -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_image.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_image.tpl new file mode 100644 index 0000000..cae561d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_image.tpl @@ -0,0 +1,61 @@ +{{/* +Victoria Metrics Image +*/}} +{{- define "vm.image" -}} + {{- $image := (fromYaml (include "vm.internal.image" .)).image | default dict -}} + {{- $tag := include "vm.image.tag" . -}} + {{- if empty $image.repository -}} + {{- fail "cannot create image without `.repository` defined" -}} + {{- end -}} + {{- $result := tpl (printf "%s:%s" $image.repository $tag) . -}} + {{- with $image.registry | default "" -}} + {{- $result = (printf "%s/%s" . $result) -}} + {{- end -}} + {{- $result -}} +{{- end -}} + +{{- define "vm.image.tag" -}} + {{- $Chart := (.helm).Chart | default .Chart -}} + {{- $image := (fromYaml (include "vm.internal.image" .)).image | default dict -}} + {{- $tag := $image.tag -}} + {{- if empty $tag }} + {{- $tag = $Chart.AppVersion -}} + {{- $variant := $image.variant }} + {{- if eq (include "vm.enterprise.disabled" .) "false" -}} + {{- if $variant }} + {{- $variant = printf "enterprise-%s" $variant }} + {{- else }} + {{- $variant = "enterprise" }} + {{- end }} + {{- end -}} + {{- with $variant -}} + {{- $tag = (printf "%s-%s" $tag .) -}} + {{- end -}} + {{- end -}} + {{- $tag -}} +{{- end -}} + +{{- define "vm.internal.image" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- with .appKey -}} + {{- $appKey := ternary (list .) . (kindIs "string" .) -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- if and (empty $values) (empty $ctx) -}} + {{- fail (printf "No data for appKey %s" (join "->" $appKey)) -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- $image := ternary $ctx.image $values.image (hasKey $ctx "image") -}} + {{- if not $image.registry }} + {{- if (($Values.global).image).registry -}} + {{- $_ := set $image "registry" (($Values.global).image).registry -}} + {{- else if hasKey $image "registry" -}} + {{- $_ := unset $image "registry" -}} + {{- end -}} + {{- end -}} + {{- toYaml (dict "image" $image) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_ingress.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_ingress.tpl new file mode 100644 index 0000000..33904d8 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_ingress.tpl @@ -0,0 +1,8 @@ +{{- define "vm.ingress.port" }} + {{- $port := dict "name" "http" }} + {{- with .port }} + {{- $numberTypes := list "int" "float64" }} + {{- $port = dict (ternary "number" "name" (has (kindOf .) $numberTypes)) . }} + {{- end -}} + {{- toYaml $port -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_pod.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_pod.tpl new file mode 100644 index 0000000..7534ae2 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_pod.tpl @@ -0,0 +1,117 @@ +{{- define "vm.port.from.flag" -}} + {{- $port := .default -}} + {{- with .flag -}} + {{- $port = regexReplaceAll ".*:(\\d+)" . "${1}" -}} + {{- end -}} + {{- $port -}} +{{- end }} + +{{- /* +Return true if the detected platform is Openshift +Usage: +{{- include "vm.isOpenshift" . -}} +*/ -}} +{{- define "vm.isOpenshift" -}} + {{- $Capabilities := (.helm).Capabilities | default .Capabilities -}} + {{- if $Capabilities.APIVersions.Has "security.openshift.io/v1" -}} + {{- true -}} + {{- end -}} +{{- end -}} + +{{- /* +Render a compatible securityContext depending on the platform. +Usage: +{{- include "vm.securityContext" (dict "securityContext" .Values.containerSecurityContext "helm" .) -}} +*/ -}} +{{- define "vm.securityContext" -}} + {{- $securityContext := omit .securityContext "enabled" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $adaptMode := (((($Values).global).compatibility).openshift).adaptSecurityContext | default "" -}} + {{- if or (eq $adaptMode "force") (and (eq $adaptMode "auto") (include "vm.isOpenshift" .)) -}} + {{- $securityContext = omit $securityContext "fsGroup" "runAsUser" "runAsGroup" "seLinuxOptions" -}} + {{- end -}} + {{- toYaml $securityContext -}} +{{- end -}} + +{{- /* +Render probe +*/ -}} +{{- define "vm.probe" -}} + {{- /* undefined value */ -}} + {{- $null := (fromYaml "value: null").value -}} + {{- $probe := dig .type (default dict) .app.probe -}} + {{- $probeType := "" -}} + {{- $defaultProbe := default dict -}} + {{- if ne (dig "httpGet" $null $probe) $null -}} + {{- /* httpGet probe */ -}} + {{- $defaultProbe = dict "path" (include "vm.probe.http.path" .) "scheme" (include "vm.probe.http.scheme" .) "port" (include "vm.probe.port" .) -}} + {{- $probeType = "httpGet" -}} + {{- else if ne (dig "tcpSocket" $null $probe) $null -}} + {{- /* tcpSocket probe */ -}} + {{- $defaultProbe = dict "port" (include "vm.probe.port" .) -}} + {{- $probeType = "tcpSocket" -}} + {{- end -}} + {{- $defaultProbe = ternary (default dict) (dict $probeType $defaultProbe) (empty $probeType) -}} + {{- $probe = mergeOverwrite $defaultProbe $probe -}} + {{- range $key, $value := $probe -}} + {{- if and (has (kindOf $value) (list "object" "map")) (ne $key $probeType) -}} + {{- $_ := unset $probe $key -}} + {{- end -}} + {{- end -}} + {{- tpl (toYaml $probe) . -}} +{{- end -}} + +{{- /* +HTTP GET probe path +*/ -}} +{{- define "vm.probe.http.path" -}} + {{- index .app.extraArgs "http.pathPrefix" | default "" | trimSuffix "/" -}}/health +{{- end -}} + +{{- /* +HTTP GET probe scheme +*/ -}} +{{- define "vm.probe.http.scheme" -}} + {{- $isSecure := false -}} + {{- with ((.app).extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- ternary "HTTPS" "HTTP" $isSecure -}} +{{- end -}} + +{{- /* +Net probe port +*/ -}} +{{- define "vm.probe.port" -}} + {{- dig "ports" "name" "http" (.app | dict) -}} +{{- end -}} + +{{- define "vm.arg" -}} + {{- if and (empty .value) (kindIs "string" .value) (ne (toString .list) "true") }} + {{- .key -}} + {{- else if eq (toString .value) "true" -}} + -{{ ternary "" "-" (eq (len .key) 1) }}{{ .key }} + {{- else -}} + -{{ ternary "" "-" (eq (len .key) 1) }}{{ .key }}={{ ternary (toJson .value | squote) .value (has (kindOf .value) (list "map" "slice")) }} + {{- end -}} +{{- end -}} + +{{- /* +command line arguments +*/ -}} +{{- define "vm.args" -}} + {{- $args := default list -}} + {{- range $key, $value := . -}} + {{- if not $key -}} + {{- fail "Empty key in command line args is not allowed" -}} + {{- end -}} + {{- if kindIs "slice" $value -}} + {{- range $v := $value -}} + {{- $args = append $args (include "vm.arg" (dict "key" $key "value" $v "list" true)) -}} + {{- end -}} + {{- else -}} + {{- $args = append $args (include "vm.arg" (dict "key" $key "value" $value)) -}} + {{- end -}} + {{- end -}} + {{- toYaml (dict "args" $args) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_service.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_service.tpl new file mode 100644 index 0000000..77a1365 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/templates/_service.tpl @@ -0,0 +1,88 @@ +{{- /* Create the name for VM service */ -}} +{{- define "vm.service" -}} + {{- include "vm.validate.args" . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $nameTpl := "" -}} + {{- if eq .style "managed" -}} + {{- $nameTpl = "vm.managed.fullname" }} + {{- else if eq .style "plain" -}} + {{- $nameTpl = "vm.plain.fullname" }} + {{- else -}} + {{- fail ".style argument should be either `plain` or `managed`"}} + {{- end -}} + {{- include $nameTpl . -}} +{{- end }} + +{{- define "vm.fqdn" -}} + {{- $name := (include "vm.service" .) -}} + {{- if hasKey . "appIdx" -}} + {{- $name = (printf "%s-%d.%s" $name .appIdx $name) -}} + {{- end -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $ns := (include "vm.namespace" .) -}} + {{- $fqdn := printf "%s.%s.svc" $name $ns -}} + {{- with (($Values.global).cluster).dnsDomain -}} + {{- $fqdn = printf "%s.%s" $fqdn . -}} + {{- end -}} + {{- $fqdn -}} +{{- end -}} + +{{- define "vm.host" -}} + {{- $fqdn := (include "vm.fqdn" .) -}} + {{- $port := 80 -}} + {{- $isSecure := ternary false true (empty .appSecure) -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- end -}} + {{- $spec := default dict -}} + {{- if $ctx -}} + {{- $spec = $ctx -}} + {{- else if $values -}} + {{- $spec = $values -}} + {{- end -}} + {{- with ($spec.extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- $port = (ternary 443 80 $isSecure) -}} + {{- $port = $spec.port | default ($spec.service).servicePort | default ($spec.service).port | default $port -}} + {{- if hasKey . "appIdx" -}} + {{- $port = (include "vm.port.from.flag" (dict "flag" ($spec.extraArgs).httpListenAddr "default" $port)) -}} + {{- end }} + {{- end }} + {{- $fqdn }}:{{ $port }} +{{- end -}} + +{{- define "vm.url" -}} + {{- $host := (include "vm.host" .) -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $proto := "http" -}} + {{- $path := .appRoute | default "/" -}} + {{- $isSecure := ternary false true (empty .appSecure) -}} + {{- if .appKey -}} + {{- $appKey := ternary (list .appKey) .appKey (kindIs "string" .appKey) -}} + {{- $values := $Values -}} + {{- $ctx := . -}} + {{- range $ak := $appKey -}} + {{- $values = ternary (default dict) (index $values $ak | default dict) (empty $values) -}} + {{- $ctx = ternary (default dict) (index $ctx $ak | default dict) (empty $ctx) -}} + {{- end -}} + {{- $spec := default dict -}} + {{- if $values -}} + {{- $spec = $values -}} + {{- else if $ctx -}} + {{- $spec = $ctx -}} + {{- end -}} + {{- with ($spec.extraArgs).tls -}} + {{- $isSecure = eq (toString .) "true" -}} + {{- end -}} + {{- $proto = (ternary "https" "http" $isSecure) -}} + {{- $path = dig "http.pathPrefix" $path ($spec.extraArgs | default dict) -}} + {{- end -}} + {{- printf "%s://%s%s" $proto $host (trimSuffix "/" $path) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/values.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/values.yaml new file mode 100644 index 0000000..fb6bffd --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/charts/victoria-metrics-common/values.yaml @@ -0,0 +1 @@ +unitTest: false diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/crd.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/crd.yaml new file mode 100644 index 0000000..f618b66 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/crd.yaml @@ -0,0 +1,36669 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLCluster + listKind: VLClusterList + plural: vlclusters + singular: vlcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VLInsert + jsonPath: .spec.vlinsert.replicaCount + name: Insert Count + type: string + - description: replicas of VLStorage + jsonPath: .spec.vlstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VLSelect + jsonPath: .spec.vlselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: VLCluster is fast, cost-effective and scalable logs database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLClusterSpec defines the desired state of VLCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vlinsert and vlselect to build vlstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vlinsert and vlselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VLSelect, VLInsert and VLStorage Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vlinsert: + description: VLInsert defines vlinsert component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + syslogSpec: + description: SyslogSpec defines syslog listener configuration + properties: + tcpListeners: + description: TCPListeners defines syslog server TCP listener + configuration + items: + description: SyslogTCPListener defines configuration for + TCP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + tlsConfig: + description: TLSServerConfig defines VictoriaMetrics + TLS configuration for the application's server + properties: + certFile: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + certSecret: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + keyFile: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + keySecret: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - listenPort + type: object + type: array + udpListeners: + description: UDPListeners defines syslog server UDP listener + configuration + items: + description: SyslogUDPListener defines configuration for + UDP syslog server listen + properties: + compressMethod: + description: |- + CompressMethod for syslog messages + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#compression + pattern: ^(none|zstd|gzip|deflate)$ + type: string + decolorizeFields: + description: |- + DecolorizeFields to remove ANSI color codes across logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#decolorizing-fields + type: string + ignoreFields: + description: |- + IgnoreFields to ignore at logs + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#dropping-fields + type: string + listenPort: + description: ListenPort defines listen port + format: int32 + type: integer + streamFields: + description: |- + StreamFields to use as log stream labels + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#stream-fields + type: string + tenantID: + description: |- + TenantID for logs ingested in form of accountID:projectID + see https://docs.victoriametrics.com/victorialogs/data-ingestion/syslog/#multiple-configs + type: string + required: + - listenPort + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlselect: + description: VLSelect defines vlselect component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: Configures horizontal pod autoscaling. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VLSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vlstorage: + description: VLStorage defines vlstorage component configuration at + victoria-logs cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VLStorage to be configured with. + default or json + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this + can be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VLStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues + with log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VLStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures persistent volume for VLStorage + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VLClusterStatus defines the observed state of VLCluster + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlogs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLogs + listKind: VLogsList + plural: vlogs + singular: vlogs + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VLogs is fast, cost-effective and scalable logs database. + VLogs is the Schema for the vlogs API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VLogsSpec defines the desired state of VLogs + VLogs is deprecated, migrate to the VLSingle + required: + - retentionPeriod + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VLogsStatus defines the observed state of VLogs + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vlsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VLSingle + listKind: VLSingleList + plural: vlsingles + singular: vlsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of logs instance update process + jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: |- + VLSingle is fast, cost-effective and scalable logs database. + VLSingle is the Schema for the API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VLSingleSpec defines the desired state of VLSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + futureRetention: + description: |- + FutureRetention for the stored logs + Log entries with timestamps bigger than now+futureRetention are rejected during data ingestion; see https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|y)?$ + type: string + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VLSingle to be configured with. + enum: + - default + - json + type: string + logIngestedRows: + description: Whether to log all the ingested log entries; this can + be useful for debugging of data ingestion; see https://docs.victoriametrics.com/victorialogs/data-ingestion/ + type: boolean + logLevel: + description: LogLevel for VictoriaLogs to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + logNewStreams: + description: LogNewStreams Whether to log creation of new streams; + this can be useful for debugging of high cardinality issues with + log streams; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#stream-fields + type: boolean + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VLSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionMaxDiskSpaceUsageBytes: + description: |- + RetentionMaxDiskSpaceUsageBytes for the stored logs + VictoriaLogs keeps at least two last days of data in order to guarantee that the logs for the last day can be returned in queries. + This means that the total disk space usage may exceed the -retention.maxDiskSpaceUsageBytes, + if the size of the last two days of data exceeds the -retention.maxDiskSpaceUsageBytes. + https://docs.victoriametrics.com/victorialogs/#retention-by-disk-space-usage + type: string + retentionPeriod: + description: |- + RetentionPeriod for the stored logs + https://docs.victoriametrics.com/victorialogs/#retention + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vlsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vlsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VLSingle + by default it`s empty dir + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-logs binary --storageDataPath, + its users responsibility to mount proper device into given path. + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vlsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VLSingleStatus defines the observed state of VLSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmagents.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAgent + listKind: VMAgentList + plural: vmagents + singular: vmagent + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: current number of replicas + jsonPath: .status.replicas + name: Replica Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMAgent - is a tiny but brave agent, which helps you collect metrics from various sources and stores them in VictoriaMetrics + or any other Prometheus-compatible storage system that supports the remote_write protocol. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAgentSpec defines the desired state of VMAgent + properties: + aPIServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + aPIServerConfig is deprecated use apiServerConfig instead + required: + - host + type: object + x-kubernetes-preserve-unknown-fields: true + additionalScrapeConfigs: + description: |- + AdditionalScrapeConfigs As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + apiServerConfig: + description: |- + APIServerConfig allows specifying a host and auth methods to access apiserver. + If left empty, VMAgent is assumed to run inside of the cluster + and will discover API servers automatically and use the pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + authorization: + description: Authorization configures generic authorization params + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: |- + Host of apiserver. + A valid string consisting of a hostname or IP followed by an optional port number + type: string + tlsConfig: + description: TLSConfig Config to use for accessing apiserver. + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: |- + ArbitraryFSAccessThroughSMs configures whether configuration + based on EndpointAuth can access arbitrary files on the file system + of the VMAgent container e.g. bearer token files, basic auth, tls certs + properties: + deny: + type: boolean + type: object + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAgent in StatefulMode + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + daemonSetMode: + description: |- + DaemonSetMode enables DaemonSet deployment mode instead of Deployment. + Supports only VMPodScrape + (available from v0.55.0). + Cannot be used with statefulMode + type: boolean + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enableKubernetesAPISelectors: + description: |- + EnableKubernetesAPISelectors instructs vmagent to use CRD scrape objects spec.selectors for + Kubernetes API list and watch requests. + https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#list-and-watch-filtering + It could be useful to reduce Kubernetes API server resource usage for serving less than 100 CRD scrape objects in total. + type: boolean + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + externalLabels: + additionalProperties: + type: string + description: |- + ExternalLabels The labels to add to any time series scraped by vmagent. + it doesn't affect metrics ingested directly by push API's + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + ignoreNamespaceSelectors: + description: |- + IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from + scrape objects, and they will only discover endpoints + within their current namespace. Defaults to false. + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingestOnlyMode: + description: |- + IngestOnlyMode switches vmagent into unmanaged mode + it disables any config generation for scraping + Currently it prevents vmagent from managing tls and auth options for remote write + type: boolean + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + inlineRelabelConfig: + description: InlineRelabelConfig - defines GlobalRelabelConfig for + vmagent, can be defined directly at CRD. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + inlineScrapeConfig: + description: |- + InlineScrapeConfig As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of VMAgent. It is advised to review VMAgent release + notes to ensure that no incompatible scrape configs are going to break + VMAgent after the upgrade. + it should be defined as single yaml file. + inlineScrapeConfig: | + - job_name: "prometheus" + static_configs: + - targets: ["localhost:9090"] + type: string + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAgent to be configured with. + enum: + - default + - json + type: string + logLevel: + description: |- + LogLevel for VMAgent to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + maxScrapeInterval: + description: |- + MaxScrapeInterval allows limiting maximum scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is higher than defined limit, `maxScrapeInterval` will be used. + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + minScrapeInterval: + description: |- + MinScrapeInterval allows limiting minimal scrape interval for VMServiceScrape, VMPodScrape and other scrapes + If interval is lower than defined limit, `minScrapeInterval` will be used. + type: string + nodeScrapeNamespaceSelector: + description: |- + NodeScrapeNamespaceSelector defines Namespaces to be selected for VMNodeScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeScrapeRelabelTemplate: + description: |- + NodeScrapeRelabelTemplate defines relabel config, that will be added to each VMNodeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + nodeScrapeSelector: + description: |- + NodeScrapeSelector defines VMNodeScrape to be selected for scraping. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + overrideHonorLabels: + description: |- + OverrideHonorLabels if set to true overrides all user configured honor_labels. + If HonorLabels is set in scrape objects to true, this overrides honor_labels to false. + type: boolean + overrideHonorTimestamps: + description: OverrideHonorTimestamps allows to globally enforce honoring + timestamps in all scrape configs. + type: boolean + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmagent pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + podScrapeNamespaceSelector: + description: |- + PodScrapeNamespaceSelector defines Namespaces to be selected for VMPodScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + podScrapeRelabelTemplate: + description: |- + PodScrapeRelabelTemplate defines relabel config, that will be added to each VMPodScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + podScrapeSelector: + description: |- + PodScrapeSelector defines PodScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + probeNamespaceSelector: + description: |- + ProbeNamespaceSelector defines Namespaces to be selected for VMProbe discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + probeScrapeRelabelTemplate: + description: |- + ProbeScrapeRelabelTemplate defines relabel config, that will be added to each VMProbeScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + probeSelector: + description: |- + ProbeSelector defines VMProbe to be selected for target probing. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + relabelConfig: + description: |- + RelabelConfig ConfigMap with global relabel config -remoteWrite.relabelConfig + This relabeling is applied to all the collected metrics before sending them to remote storage. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + remoteWrite: + description: |- + RemoteWrite list of victoria metrics /some other remote write system + for vm it must looks like: http://victoria-metrics-single:8429/api/v1/write + or for cluster different url + https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent#splitting-data-streams-among-multiple-systems + items: + description: VMAgentRemoteWriteSpec defines the remote storage configuration + for VmAgent + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + forceVMProto: + description: ForceVMProto forces using VictoriaMetrics protocol + for sending data to -remoteWrite.url + type: boolean + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + inlineUrlRelabelConfig: + description: InlineUrlRelabelConfig defines relabeling config + for remoteWriteURL, it can be defined at crd spec. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + maxDiskUsage: + description: |- + MaxDiskUsage defines the maximum file-based buffer size in bytes for the given remoteWrite + It overrides global configuration defined at remoteWriteSettings.maxDiskUsagePerURL + x-kubernetes-preserve-unknown-fields: true + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: 'ProxyURL for -remoteWrite.url. Supported proxies: + http, https, socks5. Example: socks5://proxy:1234' + type: string + sendTimeout: + description: Timeout for sending a single block of data to -remoteWrite.url + (default 1m0s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMAgent for -remoteWrite.url + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the + aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator + before stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first + interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream + aggregation config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval + for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data + in separate windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore + samples with old timestamps outside the current + aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric + names as is for the output time series without adding + any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match + for `action: graphite`' + type: object + match: + description: 'Match is used together with Labels + for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + tlsConfig: + description: TLSConfig describes tls configuration for remote + write target + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL of the endpoint to send samples to. + type: string + urlRelabelConfig: + description: ConfigMap with relabeling config which is applied + to metrics before sending them to the corresponding -remoteWrite.url + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + type: array + remoteWriteSettings: + description: RemoteWriteSettings defines global settings for all remoteWrite + urls. + properties: + flushInterval: + description: Interval for flushing the data to remote storage. + (default 1s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + label: + additionalProperties: + type: string + description: Labels in the form 'name=value' to add to all the + metrics before sending them. This overrides the label if it + already exists. + type: object + maxBlockSize: + description: The maximum size in bytes of unpacked request to + send to remote storage + format: int32 + type: integer + maxDiskUsagePerURL: + description: The maximum file-based buffer size in bytes at -remoteWrite.tmpDataPath + x-kubernetes-preserve-unknown-fields: true + queues: + description: The number of concurrent queues + format: int32 + type: integer + showURL: + description: Whether to show -remoteWrite.url in the exported + metrics. It is hidden by default, since it can contain sensitive + auth info + type: boolean + tmpDataPath: + description: Path to directory where temporary data for remote + write component is stored (default vmagent-remotewrite-data) + type: string + useMultiTenantMode: + description: |- + Configures vmagent accepting data via the same multitenant endpoints as vminsert at VictoriaMetrics cluster does, + see [here](https://docs.victoriametrics.com/vmagent/#multitenancy). + it's global setting and affects all remote storage configurations + type: boolean + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + scrapeConfigNamespaceSelector: + description: |- + ScrapeConfigNamespaceSelector defines Namespaces to be selected for VMScrapeConfig discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeConfigRelabelTemplate: + description: |- + ScrapeConfigRelabelTemplate defines relabel config, that will be added to each VMScrapeConfig. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + scrapeConfigSelector: + description: |- + ScrapeConfigSelector defines VMScrapeConfig to be selected for target discovery. + Works in combination with NamespaceSelector. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + scrapeInterval: + description: ScrapeInterval defines how often scrape targets by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + scrapeTimeout: + description: ScrapeTimeout defines global timeout for targets scrape + pattern: '[0-9]+(ms|s|m|h)' + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ServiceScrapeSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and ServiceScrapeNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeNamespaceSelector: + description: |- + ServiceScrapeNamespaceSelector Namespaces to be selected for VMServiceScrape discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeRelabelTemplate: + description: |- + ServiceScrapeRelabelTemplate defines relabel config, that will be added to each VMServiceScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + serviceScrapeSelector: + description: |- + ServiceScrapeSelector defines ServiceScrapes to be selected for target discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmagent VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmagent service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + shardCount: + description: |- + ShardCount - numbers of shards of VMAgent + in this case operator will use 1 deployment/sts per shard with + replicas count according to spec.replicas, + see [here](https://docs.victoriametrics.com/vmagent/#scraping-big-number-of-targets) + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + statefulMode: + description: |- + StatefulMode enables StatefulSet for `VMAgent` instead of Deployment + it allows using persistent storage for vmagent's persistentQueue + type: boolean + statefulRollingUpdateStrategy: + description: |- + StatefulRollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + statefulStorage: + description: StatefulStorage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + staticScrapeNamespaceSelector: + description: |- + StaticScrapeNamespaceSelector defines Namespaces to be selected for VMStaticScrape discovery. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + staticScrapeRelabelTemplate: + description: |- + StaticScrapeRelabelTemplate defines relabel config, that will be added to each VMStaticScrape. + it's useful for adding specific labels to all targets + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + staticScrapeSelector: + description: |- + StaticScrapeSelector defines VMStaticScrape to be selected for target discovery. + Works in combination with NamespaceSelector. + If both nil - match everything. + NamespaceSelector nil - only objects at VMAgent namespace. + Selector nil - only objects at NamespaceSelector namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + streamAggrConfig: + description: StreamAggrConfig defines global stream aggregation configuration + for VMAgent + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: |- + UpdateStrategy - overrides default update strategy. + works only for deployments, statefulset always use OnDelete. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + vmAgentExternalLabelName: + description: |- + VMAgentExternalLabelName Name of vmAgent external label used to denote vmAgent instance + name. Defaults to the value of `prometheus`. External label will + _not_ be added when value is set to empty string (`""`). + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - remoteWrite + type: object + status: + description: VMAgentStatus defines the observed state of VMAgent + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + replicas: + description: ReplicaCount Total number of pods targeted by this VMAgent + format: int32 + type: integer + selector: + description: Selector string form of label value set for autoscaling + type: string + shards: + description: Shards represents total number of vmagent deployments + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagerconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanagerConfig + listKind: VMAlertmanagerConfigList + plural: vmalertmanagerconfigs + singular: vmalertmanagerconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanagerConfig is the Schema for the vmalertmanagerconfigs + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + VMAlertmanagerConfigSpec defines configuration for VMAlertmanagerConfig + it must reference only locally defined objects + properties: + inhibit_rules: + description: |- + InhibitRules will only apply for alerts matching + the resource's namespace. + items: + description: |- + InhibitRule defines an inhibition rule that allows to mute alerts when other + alerts are already firing. + Note, it doesn't support deprecated alertmanager config options. + See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: |- + Labels that must have an equal value in the source and target alert for + the inhibition to take effect. + items: + type: string + type: array + source_matchers: + description: |- + SourceMatchers defines a list of matchers for which one or more alerts have + to exist for the inhibition to take effect. + items: + type: string + type: array + target_matchers: + description: |- + TargetMatchers defines a list of matchers that have to be fulfilled by the target + alerts to be muted. + items: + type: string + type: array + type: object + type: array + receivers: + description: Receivers defines alert receivers + items: + description: Receiver defines one or more notification integrations. + properties: + discord_configs: + items: + properties: + avatar_url: + description: |- + AvatarURL defines message avatar URL + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + content: + description: |- + Content defines message content template + Available from operator v0.55.0 and alertmanager v0.28.0 + maxLength: 2000 + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + title: + description: The message title template + type: string + username: + description: |- + Username defines message username + Available from operator v0.55.0 and alertmanager v0.28.0 + type: string + webhook_url: + description: |- + The discord webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + email_configs: + description: EmailConfigs defines email notification configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + auth_identity: + description: The identity to use for authentication. + type: string + auth_password: + description: AuthPassword defines secret name and key + at CRD namespace. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_secret: + description: |- + AuthSecret defines secret name and key at CRD namespace. + It must contain the CRAM-MD5 secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + auth_username: + description: The username to use for authentication. + type: string + from: + description: |- + The sender address. + fallback to global setting if empty + type: string + headers: + additionalProperties: + type: string + description: |- + Further headers email header key/value pairs. Overrides any headers + previously set by the notification implementation. + type: object + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + require_tls: + description: |- + The SMTP TLS requirement. + Note that Go does not support unencrypted connections to remote SMTP endpoints. + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + smarthost: + description: |- + The SMTP host through which emails are sent. + fallback to global setting if empty + type: string + text: + description: The text body of the email notification. + type: string + tls_config: + description: TLS configuration + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + jira_configs: + items: + description: |- + JiraConfig represent alertmanager's jira_config entry + https://prometheus.io/docs/alerting/latest/configuration/#jira_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + api_url: + description: |- + The URL to send API requests to. The full API path must be included. + Example: https://company.atlassian.net/rest/api/2/ + type: string + custom_fields: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: |- + Other issue and custom fields. + Jira issue field can have multiple types. + Depends on the field type, the values must be provided differently. + See https://developer.atlassian.com/server/jira/platform/jira-rest-api-examples/#setting-custom-field-data-for-other-field-types for further examples. + type: object + description: + description: Issue description template. + type: string + http_config: + description: |- + The HTTP client's configuration. You must use this configuration to supply the personal access token (PAT) as part of the HTTP `Authorization` header. + For Jira Cloud, use basic_auth with the email address as the username and the PAT as the password. + For Jira Data Center, use the 'authorization' field with 'credentials: '. + x-kubernetes-preserve-unknown-fields: true + issue_type: + description: Type of the issue (e.g. Bug) + type: string + labels: + description: Labels to be added to the issue + items: + type: string + type: array + priority: + description: Priority of the issue + type: string + project: + description: The project key where issues are created + type: string + reopen_duration: + description: |- + If reopen_transition is defined, reopen the issue when it is not older than this value (rounded down to the nearest minute). + The resolutiondate field is used to determine the age of the issue. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + reopen_transition: + description: |- + Name of the workflow transition to resolve an issue. + The target status must have the category "done". + type: string + resolve_transition: + description: |- + Name of the workflow transition to reopen an issue. + The target status should not have the category "done". + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + summary: + description: Issue summary template + type: string + wont_fix_resolution: + description: If reopen_transition is defined, ignore issues + with that resolution. + type: string + required: + - issue_type + - project + type: object + type: array + msteams_configs: + items: + properties: + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: The text body of the teams notification. + type: string + title: + description: The title of the teams notification. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + msteamsv2_configs: + items: + description: |- + MSTeamsV2Config sends notifications using the new message format with adaptive cards as required by flows. + https://support.microsoft.com/en-gb/office/create-incoming-webhooks-with-workflows-for-microsoft-teams-8ae491c7-0394-4861-ba59-055e33f75498 + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + http_config: + x-kubernetes-preserve-unknown-fields: true + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + text: + description: Message body template. + type: string + title: + description: Message title template. + type: string + webhook_url: + description: |- + The incoming webhook URL + one of `urlSecret` and `url` must be defined. + type: string + webhook_url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `webhook_url` or `webhook_url_secret` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenie_configs: + description: OpsGenieConfigs defines ops genie notification + configurations. + items: + description: |- + OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + api_key: + description: |- + The secret's key that contains the OpsGenie API key. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + type: object + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: |- + OpsGenieConfigResponder defines a responder to an incident. + One of `id`, `name` or `username` has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + update_alerts: + description: |- + Whether to update message and description of the alert in OpsGenie if it already exists + By default, the alert is never updated in OpsGenie, the new message only appears in activity log. + type: boolean + type: object + type: array + pagerduty_configs: + description: PagerDutyConfigs defines pager duty notification + configurations. + items: + description: |- + PagerDutyConfig configures notifications via PagerDuty. + See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + client_url: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + additionalProperties: + type: string + description: Arbitrary key/value pairs that provide further + detail about the incident. + type: object + group: + description: A cluster or grouping of sources. + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + images: + description: Images to attach to the incident. + items: + description: |- + ImageConfig is used to attach images to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-images-property + for more information. + properties: + alt: + type: string + href: + type: string + source: + type: string + required: + - source + type: object + type: array + links: + description: Links to attach to the incident. + items: + description: |- + LinkConfig is used to attach text links to the incident. + See https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event#the-links-property + for more information. + properties: + href: + type: string + text: + type: string + required: + - href + type: object + type: array + routing_key: + description: |- + The secret's key that contains the PagerDuty integration key (when using + Events API v2). Either this field or `serviceKey` needs to be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + service_key: + description: |- + The secret's key that contains the PagerDuty service key (when using + integration type "Prometheus"). Either this field or `routingKey` needs to + be defined. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushover_configs: + description: PushoverConfigs defines push over notification + configurations. + items: + description: |- + PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: |- + How long your notification will continue to be retried for, unless the user + acknowledges the notification. + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: |- + How often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: |- + The secret's key that contains the registered application’s API token, see https://pushover.net/apps. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + description: A supplementary URL shown alongside the message. + type: string + url_title: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + user_key: + description: |- + The secret's key that contains the recipient user’s user key. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + rocketchat_configs: + items: + description: |- + RocketchatConfig configures notifications via Rocketchat. + https://prometheus.io/docs/alerting/latest/configuration/#rocketchat_config + available from v0.55.0 operator version + and v0.28.0 alertmanager version + properties: + actions: + items: + description: |- + RocketchatAttachmentAction defines message attachments + https://github.com/RocketChat/Rocket.Chat.Go.SDK/blob/master/models/message.go + properties: + msg: + type: string + text: + type: string + type: + type: string + url: + type: string + type: object + type: array + api_url: + type: string + channel: + description: 'RocketChat channel override, (like #other-channel + or @username).' + type: string + color: + type: string + emoji: + type: string + fields: + items: + description: |- + RocketchatAttachmentField defines API fields + https://developer.rocket.chat/reference/api/rest-api/endpoints/messaging/chat-endpoints/postmessage#attachment-field-objects + properties: + short: + type: boolean + title: + type: string + value: + type: string + type: object + type: array + http_config: + x-kubernetes-preserve-unknown-fields: true + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + token_id: + description: |- + The sender token and token_id + See https://docs.rocket.chat/use-rocket.chat/user-guides/user-panel/my-account#personal-access-tokens + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + slack_configs: + description: SlackConfigs defines slack notification configurations. + items: + description: |- + SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: |- + SlackAction configures a single Slack action that is sent with each + notification. + See https://api.slack.com/docs/message-attachments#action_fields and + https://api.slack.com/docs/message-buttons for more information. + properties: + confirm: + description: |- + SlackConfirmationField protect users from destructive actions or + particularly distinguished decisions by asking them to confirm their button + click one more time. + See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismiss_text: + type: string + ok_text: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + api_url: + description: |- + The secret's key that contains the Slack webhook URL. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + callback_id: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: |- + SlackField configures a single Slack field that is sent with each notification. + See https://api.slack.com/docs/message-attachments#fields for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + icon_emoji: + type: string + icon_url: + type: string + image_url: + type: string + link_names: + type: boolean + mrkdwn_in: + items: + type: string + type: array + pretext: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + short_fields: + type: boolean + text: + type: string + thumb_url: + type: string + title: + type: string + title_link: + type: string + username: + type: string + type: object + type: array + sns_configs: + items: + properties: + api_url: + description: The api URL + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes + type: object + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phone_number: + description: |- + Phone number if message is delivered via SMS + Specify this, topic_arn or target_arn + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + sigv4: + description: Configure the AWS Signature Verification + 4 signing process + properties: + access_key: + description: |- + The AWS API keys. Both access_key and secret_key must be supplied or both must be blank. + If blank the environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are used. + type: string + access_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Named AWS profile used to authenticate + type: string + region: + description: AWS region, if blank the region from + the default credentials chain is used + type: string + role_arn: + description: AWS Role ARN, an alternative to using + AWS API keys + type: string + secret_key_selector: + description: secret key selector to get the keys from + a Kubernetes Secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: The subject line if message is delivered + to an email endpoint. + type: string + target_arn: + description: |- + Mobile platform endpoint ARN if message is delivered via mobile notifications + Specify this, topic_arn or phone_number + type: string + topic_arn: + description: SNS topic ARN, either specify this, phone_number + or target_arn + type: string + type: object + type: array + telegram_configs: + items: + description: |- + TelegramConfig configures notification via telegram + https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + properties: + api_url: + description: APIUrl the Telegram API URL i.e. https://api.telegram.org. + type: string + bot_token: + description: |- + BotToken token for the bot + https://core.telegram.org/bots/api + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + chat_id: + description: ChatID is ID of the chat where to send the + messages. + type: integer + disable_notifications: + description: DisableNotifications + type: boolean + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + message: + description: Message is templated message + type: string + message_thread_id: + description: MessageThreadID defines ID of the message + thread where to send the messages. + type: integer + parse_mode: + description: |- + ParseMode for telegram message, + supported values are MarkdownV2, Markdown, Markdown and empty string for plain text. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - bot_token + - chat_id + type: object + type: array + victorops_configs: + description: VictorOpsConfigs defines victor ops notification + configurations. + items: + description: |- + VictorOpsConfig configures notifications via VictorOps. + See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + api_key: + description: |- + The secret's key that contains the API key to use when talking to the VictorOps API. + It must be at them same namespace as CRD + fallback to global setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: The VictorOps API URL. + type: string + custom_fields: + additionalProperties: + type: string + description: |- + Adds optional custom fields + https://github.com/prometheus/alertmanager/blob/v0.24.0/config/notifiers.go#L537 + type: object + entity_display_name: + description: Contains summary of the alerted problem. + type: string + http_config: + description: The HTTP client's configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message_type: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoring_tool: + description: The monitoring tool the state message is + from. + type: string + routing_key: + description: A key used to map the alert to a team. + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + state_message: + description: Contains long explanation of the alerted + problem. + type: string + required: + - routing_key + type: object + type: array + webex_configs: + items: + properties: + api_url: + description: The Webex Teams API URL, i.e. https://webexapis.com/v1/messages + type: string + http_config: + description: HTTP client configuration. You must use this + configuration to supply the bot token as part of the + HTTP `Authorization` header. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message body template + type: string + room_id: + description: The ID of the Webex Teams room where to send + the messages + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + required: + - room_id + type: object + type: array + webhook_configs: + description: WebhookConfigs defines webhook notification configurations. + items: + description: |- + WebhookConfig configures notifications via a generic receiver supporting the webhook payload. + See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + http_config: + description: HTTP client configuration. + type: object + x-kubernetes-preserve-unknown-fields: true + max_alerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + timeout: + description: |- + Timeout is the maximum time allowed to invoke the webhook + available since v0.28.0 alertmanager version + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + url: + description: |- + URL to send requests to, + one of `urlSecret` and `url` must be defined. + type: string + url_secret: + description: |- + URLSecret defines secret name and key at the CRD namespace. + It must contain the webhook URL. + one of `urlSecret` and `url` must be defined. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + wechat_configs: + description: WeChatConfigs defines wechat notification configurations. + items: + description: |- + WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agent_id: + type: string + api_secret: + description: |- + The secret's key that contains the WeChat API key. + The secret needs to be in the same namespace as the AlertmanagerConfig + fallback to global alertmanager setting if empty + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + api_url: + description: |- + The WeChat API URL. + fallback to global alertmanager setting if empty + type: string + corp_id: + description: |- + The corp id for authentication. + fallback to global alertmanager setting if empty + type: string + http_config: + description: HTTP client configuration. + properties: + authorization: + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to + bearer + type: string + type: object + basic_auth: + description: BasicAuth for the client. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token_file: + description: BearerTokenFile defines filename for + bearer token, it must be mounted to pod. + type: string + bearer_token_secret: + description: |- + The secret's key that contains the bearer token + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxyURL: + description: Optional proxy URL. + type: string + tls_config: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the + container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + message_type: + type: string + send_resolved: + description: SendResolved controls notify about resolved + alerts. + type: boolean + to_party: + type: string + to_tag: + type: string + to_user: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: Route definition for alertmanager, may include nested + routes. + properties: + active_time_intervals: + description: |- + ActiveTimeIntervals Times when the route should be active + These must match the name at time_intervals + items: + type: string + type: array + continue: + description: |- + Continue indicating whether an alert should continue matching subsequent + sibling nodes. It will always be true for the first-level route if disableRouteContinueEnforce for vmalertmanager not set. + type: boolean + group_by: + description: List of labels to group by. + items: + type: string + type: array + group_interval: + description: How long to wait before sending an updated notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + group_wait: + description: How long to wait before sending the initial notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + matchers: + description: |- + List of matchers that the alert’s labels should match. For the first + level route, the operator adds a namespace: "CRD_NS" matcher. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + mute_time_intervals: + description: MuteTimeIntervals is a list of interval names that + will mute matched alert + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. + type: string + repeat_interval: + description: How long to wait before repeating the last notification. + pattern: '[0-9]+(ms|s|m|h)' + type: string + routes: + description: |- + Child routes. + https://prometheus.io/docs/alerting/latest/configuration/#route + items: + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - receiver + type: object + time_intervals: + description: |- + TimeIntervals defines named interval for active/mute notifications interval + See https://prometheus.io/docs/alerting/latest/configuration/#time_interval + items: + description: TimeIntervals for alerts + properties: + name: + description: Name of interval + type: string + time_intervals: + description: TimeIntervals interval configuration + items: + description: TimeInterval defines intervals of time + properties: + days_of_month: + description: |- + DayOfMonth defines list of numerical days in the month. Days begin at 1. Negative values are also accepted. + for example, ['1:5', '-3:-1'] + items: + type: string + type: array + location: + description: Location in golang time location form, e.g. + UTC + type: string + months: + description: |- + Months defines list of calendar months identified by a case-insensitive name (e.g. ‘January’) or numeric 1. + For example, ['1:3', 'may:august', 'december'] + items: + type: string + type: array + times: + description: Times defines time range for mute + items: + description: TimeRange ranges inclusive of the starting + time and exclusive of the end time + properties: + end_time: + description: EndTime for example HH:MM + type: string + start_time: + description: StartTime for example HH:MM + type: string + required: + - end_time + - start_time + type: object + type: array + weekdays: + description: Weekdays defines list of days of the week, + where the week begins on Sunday and ends on Saturday. + items: + type: string + type: array + years: + description: |- + Years defines numerical list of years, ranges are accepted. + For example, ['2020:2022', '2030'] + items: + type: string + type: array + type: object + type: array + required: + - name + - time_intervals + type: object + type: array + required: + - receivers + - route + type: object + status: + description: VMAlertmanagerConfigStatus defines the observed state of + VMAlertmanagerConfig + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + lastErrorParentAlertmanagerName: + type: string + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalertmanagers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlertmanager + listKind: VMAlertmanagerList + plural: vmalertmanagers + shortNames: + - vma + singular: vmalertmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current update status + jsonPath: .status.updateStatus + name: Update Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlertmanager represents Victoria-Metrics deployment for Alertmanager. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + Specification of the desired behavior of the VMAlertmanager cluster. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional + Alertmanagers to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + clusterAdvertiseAddress: + description: |- + ClusterAdvertiseAddress is the explicit address to advertise in cluster. + Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918 + type: string + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used to build pod peer addresses for in-cluster communication + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configNamespaceSelector: + description: |2- + ConfigNamespaceSelector defines namespace selector for VMAlertmanagerConfig. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for alertmanager, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAlertmanager object, which contains configuration for this VMAlertmanager, + configuration must be inside secret key: alertmanager.yaml. + It must be created by user. + instance. Defaults to 'vmalertmanager-' + The secret is mounted into /etc/alertmanager/config. + type: string + configSelector: + description: |- + ConfigSelector defines selector for VMAlertmanagerConfig, result config will be merged with with Raw or Secret config. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAlertmanager namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableNamespaceMatcher: + description: |- + DisableNamespaceMatcher disables top route namespace label matcher for VMAlertmanagerConfig + It may be useful if alert doesn't have namespace label for some reason + type: boolean + disableRouteContinueEnforce: + description: DisableRouteContinueEnforce cancel the behavior for VMAlertmanagerConfig + that always enforce first-level route continue to true + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedTopRouteMatchers: + description: |- + EnforcedTopRouteMatchers defines label matchers to be added for the top route + of VMAlertmanagerConfig + It allows to make some set of labels required for alerts. + https://prometheus.io/docs/alerting/latest/configuration/#matcher + items: + type: string + type: array + externalURL: + description: |- + ExternalURL the VMAlertmanager instances will be available under. This is + necessary to generate correct URLs. This is necessary if VMAlertmanager is not + served from root of a DNS name. + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + gossipConfig: + description: GossipConfig defines gossip TLS configuration for Alertmanager + cluster + properties: + tls_client_config: + description: TLSClientConfig defines client TLS configuration + for alertmanager + properties: + ca_file: + description: |- + CAFile defines path to the pre-mounted file with CA + mutually exclusive with CASecretRef + type: string + ca_secret_ref: + description: |- + CA defines reference for secret with CA content under given key + mutually exclusive with CAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + insecure_skip_verify: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + type: boolean + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + server_name: + description: ServerName indicates a name of a server + type: string + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + listenLocal: + description: |- + ListenLocal makes the VMAlertmanager server listen on loopback, so that it + does not bind against the Pod IP. Note this is only for the VMAlertmanager + UI, not the gossip communication. + type: boolean + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAlertmanager to be configured with. + enum: + - logfmt + - json + type: string + logLevel: + description: Log level for VMAlertmanager to be configured with. + enum: + - debug + - info + - warn + - error + - DEBUG + - INFO + - WARN + - ERROR + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the alertmanager pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + portName: + description: |- + PortName used for the pods and governing service. + This defaults to web + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retention: + description: |- + Retention Time duration VMAlertmanager shall retain data for. Default is '120h', + and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). + pattern: '[0-9]+(ms|s|m|h)' + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + routePrefix: + description: |- + RoutePrefix VMAlertmanager registers HTTP handlers for. This is useful, + if using ExternalURL and a proxy is rewriting HTTP routes of a request, + and the actual ExternalURL is still true, but the server serves requests + under a different route prefix. For example for use with `kubectl proxy`. + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such ConfigSelector. + with selectAllByDefault: true and undefined ConfigSelector and ConfigNamespaceSelector + Operator selects all exist alertManagerConfigs + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalertmanager + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalertmanager service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMAlertmanager + instances. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + templates: + description: |- + Templates is a list of ConfigMap key references for ConfigMaps in the same namespace as the VMAlertmanager + object, which shall be mounted into the VMAlertmanager Pods. + The Templates are mounted into /etc/vm/templates//. + items: + description: ConfigMapKeyReference refers to a key in a ConfigMap. + properties: + key: + description: The ConfigMap key to refer to. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + webConfig: + description: |- + WebConfig defines configuration for webserver + https://github.com/prometheus/alertmanager/blob/main/docs/https.md + properties: + basic_auth_users: + additionalProperties: + type: string + description: |- + BasicAuthUsers Usernames and hashed passwords that have full access to the web server + Passwords must be hashed with bcrypt + type: object + http_server_config: + description: HTTPServerConfig defines http server configuration + for alertmanager web server + properties: + headers: + additionalProperties: + type: string + description: Headers defines list of headers that can be added + to HTTP responses. + type: object + http2: + description: |- + HTTP2 enables HTTP/2 support. Note that HTTP/2 is only supported with TLS. + This can not be changed on the fly. + type: boolean + type: object + tls_server_config: + description: TLSServerConfig defines server TLS configuration + for alertmanager + properties: + cert_file: + description: |- + CertFile defines path to the pre-mounted file with certificate + mutually exclusive with CertSecretRef + type: string + cert_secret_ref: + description: |- + CertSecretRef defines reference for secret with certificate content under given key + mutually exclusive with CertFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + cipher_suites: + description: |- + CipherSuites defines list of supported cipher suites for TLS versions up to TLS 1.2 + https://golang.org/pkg/crypto/tls/#pkg-constants + items: + type: string + type: array + client_auth_type: + description: |- + Cert defines reference for secret with CA content under given key + mutually exclusive with CertFile + ClientAuthType defines server policy for client authentication + If you want to enable client authentication (aka mTLS), you need to use RequireAndVerifyClientCert + Note, mTLS is supported only at enterprise version of VictoriaMetrics components + enum: + - NoClientCert + - RequireAndVerifyClientCert + type: string + client_ca_file: + description: |- + ClientCAFile defines path to the pre-mounted file with CA + mutually exclusive with ClientCASecretRef + type: string + client_ca_secret_ref: + description: |- + ClientCASecretRef defines reference for secret with CA content under given key + mutually exclusive with ClientCAFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + curve_preferences: + description: |- + CurvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. + https://golang.org/pkg/crypto/tls/#CurveID + items: + type: string + type: array + key_file: + description: |- + KeyFile defines path to the pre-mounted file with certificate key + mutually exclusive with KeySecretRef + type: string + key_secret_ref: + description: |- + Key defines reference for secret with certificate key content under given key + mutually exclusive with KeyFile + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + max_version: + description: MaxVersion maximum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + min_version: + description: MinVersion minimum TLS version that is acceptable. + enum: + - TLS10 + - TLS11 + - TLS12 + - TLS13 + type: string + prefer_server_cipher_suites: + description: |- + PreferServerCipherSuites controls whether the server selects the + client's most preferred ciphersuite + type: boolean + type: object + type: object + type: object + status: + description: |- + Most recent observed status of the VMAlertmanager cluster. + Operator API itself. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmalerts.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAlert + listKind: VMAlertList + plural: vmalerts + singular: vmalert + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAlert executes a list of given alerting or recording rules + against configured address. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAlertSpec defines the desired state of VMAlert + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + datasource: + description: Datasource Victoria Metrics or VMSelect url. Required + parameter. e.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: Victoria Metrics or VMSelect url. Required parameter. + E.g. http://127.0.0.1:8428 + type: string + required: + - url + type: object + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + enforcedNamespaceLabel: + description: |- + EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + and metric that is user created. The label value will always be the namespace of the object that is + being created. + type: string + evaluationInterval: + description: EvaluationInterval defines how often to evaluate rules + by default + pattern: '[0-9]+(ms|s|m|h)' + type: string + externalLabels: + additionalProperties: + type: string + description: 'ExternalLabels in the form ''name: value'' to add to + all generated recording rules and alerts.' + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMAlert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMAlert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + notifier: + description: |- + Notifier prometheus alertmanager endpoint spec. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + notifierConfigRef: + description: |- + NotifierConfigRef reference for secret with notifier configuration for vmalert + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + notifiers: + description: |- + Notifiers prometheus alertmanager endpoints. Required at least one of notifier or notifiers when there are alerting rules. e.g. http://127.0.0.1:9093 + If specified both notifier and notifiers, notifier will be added as last element to notifiers. + only one of notifier options could be chosen: notifierConfigRef or notifiers + notifier + items: + description: VMAlertNotifierSpec defines the notifier url for sending + information about alerts + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + selector: + description: |- + Selector allows service discovery for alertmanager + in this case all matched vmalertmanager replicas will be added into vmalert notifier.url + as statefulset pod.fqdn + properties: + labelSelector: + description: |- + A label selector is a label query over a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector matches all objects. A null + label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: |- + NamespaceSelector is a selector for selecting either all namespaces or a + list of namespaces. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: AlertManager url. E.g. http://127.0.0.1:9093 + type: string + type: object + type: array + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAlert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + remoteRead: + description: |- + RemoteRead Optional URL to read vmalert state (persisted via RemoteWrite) + This configuration only makes sense if alerts state has been successfully + persisted (via RemoteWrite) before. + see -remoteRead.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + lookback: + description: |- + Lookback defines how far to look into past for alerts timeseries. For example, if lookback=1h then range from now() to now()-1h will be scanned. (default 1h0m0s) + Applied only to RemoteReadSpec + type: string + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + remoteWrite: + description: |- + RemoteWrite Optional URL to remote-write compatible storage to persist + vmalert state and rule results to. + Rule results will be persisted according to each rule. + Alerts state will be persisted in the form of time series named ALERTS and ALERTS_FOR_STATE + see -remoteWrite.url docs in vmalerts for details. + E.g. http://127.0.0.1:8428 + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + concurrency: + description: Defines number of readers that concurrently write + into remote storage (default 1) + format: int32 + type: integer + flushInterval: + description: Defines interval of flushes to remote write endpoint + (default 5s) + pattern: '[0-9]+(ms|s|m|h)' + type: string + headers: + description: |- + Headers allow configuring custom http headers + Must be in form of semicolon separated header with value + e.g. + headerName:headerValue + vmalert supports it since 1.79.0 version + items: + type: string + type: array + maxBatchSize: + description: Defines defines max number of timeseries to be flushed + at once (default 1000) + format: int32 + type: integer + maxQueueSize: + description: Defines the max number of pending datapoints to remote + write endpoint (default 100000) + format: int32 + type: integer + oauth2: + description: OAuth2 defines OAuth2 configuration + required: + - client_id + - token_url + type: object + x-kubernetes-preserve-unknown-fields: true + tlsConfig: + description: TLSConfig specifies TLSConfig configuration parameters. + type: object + x-kubernetes-preserve-unknown-fields: true + url: + description: URL of the endpoint to send samples to. + type: string + required: + - url + type: object + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + ruleNamespaceSelector: + description: |- + RuleNamespaceSelector to be selected for VMRules discovery. + Works in combination with Selector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + rulePath: + description: |- + RulePath to the file with alert rules. + Supports patterns. Flag can be specified multiple times. + Examples: + -rule /path/to/file. Path to a single file with alerting rules + -rule dir/*.yaml -rule /*.yaml. Relative path to all .yaml files in folder, + absolute path to all .yaml files in root. + by default operator adds /etc/vmalert/configs/base/vmalert.yaml + items: + type: string + type: array + ruleSelector: + description: |- + RuleSelector selector to select which VMRules to mount for loading alerting + rules from. + Works in combination with NamespaceSelector. + If both nil - behaviour controlled by selectAllByDefault + NamespaceSelector nil - only objects at VMAlert namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such RuleSelector. + with selectAllByDefault: true and empty serviceScrapeSelector and RuleNamespaceSelector + Operator selects all exist serviceScrapes + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmalert VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmalert service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + required: + - datasource + type: object + status: + description: VMAlertStatus defines the observed state of VMAlert + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmanomalies.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAnomaly + listKind: VMAnomalyList + plural: vmanomalies + singular: vmanomaly + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: current number of shards + jsonPath: .status.shards + name: Shards Count + type: integer + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VMAnomaly is the Schema for the vmanomalies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAnomalySpec defines the desired state of VMAnomaly. + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for VMAnomaly + items: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + x-kubernetes-preserve-unknown-fields: true + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status of + resource being resized for the given PVC.\nKey names follow + standard Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with a + terminal error.\n\t- NodeResizePending:\n\t\tState set + when resize controller has finished resizing the volume + but further resizing of\n\t\tvolume is needed on the node.\n\t- + NodeResizeInProgress:\n\t\tState set when kubelet starts + resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, it + means that no resize operation is in progress for the + given PVC.\n\nA controller that receives PVC update with + previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources allocated + to a PVC including its capacity.\nKey names follow standard + Kubernetes label syntax. Valid values are either:\n\t* + Un-prefixed keys:\n\t\t- storage - the capacity of the + volume.\n\t* Custom resources must use implementation-defined + prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not be used.\n\nCapacity + reported here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor storage + quota, the larger value from allocatedResources and PVC.spec.resources + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and if + the actual volume capacity\nis equal or lower than the + requested capacity.\n\nA controller that receives PVC + update with previously unknown resourceName\nshould ignore + the update for the purpose it was designed. For example + - a controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates that + change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources of + the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains details + about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed the + condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the condition + transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible indicates + that the request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can be + added in the future. Consumers should check for unknown + statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configRawYaml: + description: |- + ConfigRawYaml - raw configuration for anomaly, + it helps it to start without secret. + priority -> hardcoded ConfigRaw -> ConfigRaw, provided by user -> ConfigSecret. + type: string + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAnomaly object, which contains configuration for this VMAnomaly, + configuration must be inside secret key: anomaly.yaml. + It must be created by user. + instance. Defaults to 'vmanomaly-' + The secret is mounted into /etc/anomaly/config. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logLevel: + description: |- + LogLevel for VMAnomaly to be configured with. + INFO, WARN, ERROR, FATAL, PANIC + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + monitoring: + description: |- + Monitoring configures how expose anomaly metrics + See https://docs.victoriametrics.com/anomaly-detection/components/monitoring/ + properties: + pull: + description: |- + VMAnomalyMonitoringPullSpec defines pull monitoring configuration + which is enabled by default and served at POD_IP:8490/metrics + properties: + addr: + description: Addr changes listen addr, default is 0.0.0.0 + type: string + port: + description: Port defines a port for metrics scrape + type: string + required: + - port + type: object + push: + description: |- + VMAnomalyMonitoringPushSpec defines metrics push configuration + + VMAnomaly uses prometheus text exposition format + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines a set of labels to attach + to the pushed metrics + type: object + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + pushFrequency: + description: PushFrequency defines push internval + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster + version only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: defines target url for push requests + type: string + required: + - url + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the vmanomaly pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + reader: + description: |- + Metrics source for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/reader/ + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + dataRange: + description: Optional argumentallows defining valid data ranges + for input of all the queries in queries + items: + type: string + type: array + datasourceURL: + description: |- + DatasourceURL address + datatasource must serve /api/v1/query and /api/v1/query_range APIs + type: string + extraFilters: + description: List of strings with series selector. + items: + type: string + type: array + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + latencyOffset: + description: It allows overriding the default -search.latencyOffsetflag + of VictoriaMetrics + type: string + maxPointsPerQuery: + description: Optional argoverrides how search.maxPointsPerTimeseries + flagimpacts vmanomaly on splitting long fitWindow queries into + smaller sub-intervals + type: integer + queryFromLastSeenTimestamp: + description: If True, then query will be performed from the last + seen timestamp for a given series. + type: boolean + queryRangePath: + description: Performs PromQL/MetricsQL range query + type: string + samplingPeriod: + description: Frequency of the points returned + type: string + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tz: + description: Optional argumentspecifies the IANA timezone to account + for local shifts, like DST, in models sensitive to seasonal + patterns + type: string + required: + - datasourceURL + - samplingPeriod + type: object + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy allows configuration for strategyType + set it to RollingUpdate for disabling operator statefulSet rollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmanomaly VMPodScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + shardCount: + description: |- + ShardCount - numbers of shards of VMAnomaly + in this case operator will use 1 sts per shard with + replicas count according to spec.replicas. + type: integer + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: Storage configures storage for StatefulSet + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + writer: + description: |- + Metrics destination for VMAnomaly + See https://docs.victoriametrics.com/anomaly-detection/components/writer/ + properties: + basicAuth: + description: Basic auth defines basic autorization configuration + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer: + description: 'BearerAuth defines authorization with Authorization: + Bearer header' + properties: + bearerTokenFile: + description: Path to bearer token file + type: string + bearerTokenSecret: + description: Optional bearer auth token to use for -remoteWrite.url + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datasourceURL: + description: |- + DatasourceURL defines remote write url for write requests + provided endpoint must serve /api/v1/import path + vmanomaly joins datasourceURL + "/api/v1/import" + type: string + healthPath: + description: HealthPath defines absolute or relative URL address + where to check availability of the remote webserver + type: string + metricFormat: + description: Metrics to save the output (in metric names or labels) + properties: + __name__: + description: |- + Name of result metric + Must have a value with $VAR placeholder in it to distinguish between resulting metrics + type: string + extraLabels: + additionalProperties: + type: string + description: ExtraLabels defines additional labels to be added + to the resulting metrics + type: object + for: + description: For is a special label with $QUERY_KEY placeholder + type: string + required: + - __name__ + - for + type: object + tenantID: + description: TenantID defines for VictoriaMetrics Cluster version + only, tenants are identified by accountID, accountID:projectID + or multitenant. + type: string + timeout: + description: Timeout for the requests, passed as a string + type: string + tlsConfig: + description: TLSConfig defines tls connection configuration + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - datasourceURL + type: object + required: + - reader + - writer + type: object + status: + description: VMAnomalyStatus defines the observed state of VMAnomaly. + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + shards: + description: Shards represents total number of vmanomaly statefulsets + with uniq scrape targets + format: int32 + type: integer + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shardCount + statusReplicasPath: .status.shards + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmauths.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMAuth + listKind: VMAuthList + plural: vmauths + singular: vmauth + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of update rollout + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicaCount + name: ReplicaCount + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: VMAuth is the Schema for the vmauths API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMAuthSpec defines the desired state of VMAuth + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + configReloadAuthKeySecret: + description: |- + ConfigReloadAuthKeySecret defines optional secret reference authKey for /-/reload API requests. + Given secret reference will be added to the application and vm-config-reloader as volume + available since v0.57.0 version + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + configReloaderExtraArgs: + additionalProperties: + type: string + description: |- + ConfigReloaderExtraArgs that will be passed to VMAuths config-reloader container + for example resyncInterval: "30s" + type: object + configReloaderImageTag: + description: ConfigReloaderImageTag defines image:tag for config-reloader + container + type: string + configReloaderResources: + description: |- + ConfigReloaderResources config-reloader container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + configSecret: + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + VMAuth object, which contains auth configuration for vmauth, + configuration must be inside secret key: config.yaml. + It must be created and managed manually. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + Deprecated: use externalConfig.secretRef instead + type: string + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + externalConfig: + description: |- + ExternalConfig defines a source of external VMAuth configuration. + If it's defined, configuration for vmauth becomes unmanaged and operator'll not create any related secrets/config-reloaders + properties: + localPath: + description: |- + LocalPath contains static path to a config, which is managed externally for cases + when using secrets is not applicable, e.g.: Vault sidecar. + type: string + secretRef: + description: SecretRef defines selector for externally managed + secret which contains configuration + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + ingress: + description: Ingress enables ingress configuration for VMAuth. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + class_name: + description: ClassName defines ingress class name for VMAuth + type: string + extraRules: + description: |- + ExtraRules - additional rules for ingress, + must be checked for correctness by user. + items: + description: |- + IngressRule represents the rules mapping the paths under a specified host to + the related backend services. Incoming requests are first evaluated for a host + match, then routed to the backend associated with the matching IngressRuleValue. + properties: + host: + description: "host is the fully qualified domain name of + a network host, as defined by RFC 3986.\nNote the following + deviations from the \"host\" part of the\nURI as defined + in RFC 3986:\n1. IPs are not allowed. Currently an IngressRuleValue + can only apply to\n the IP in the Spec of the parent + Ingress.\n2. The `:` delimiter is not respected because + ports are not allowed.\n\t Currently the port of an Ingress + is implicitly :80 for http and\n\t :443 for https.\nBoth + these may change in the future.\nIncoming requests are + matched against the host before the\nIngressRuleValue. + If the host is unspecified, the Ingress routes all\ntraffic + based on the specified IngressRuleValue.\n\nhost can be + \"precise\" which is a domain name without the terminating + dot of\na network host (e.g. \"foo.bar.com\") or \"wildcard\", + which is a domain name\nprefixed with a single wildcard + label (e.g. \"*.foo.com\").\nThe wildcard character '*' + must appear by itself as the first DNS label and\nmatches + only a single label. You cannot have a wildcard label + by itself (e.g. Host == \"*\").\nRequests will be matched + against the Host field in the following way:\n1. If host + is precise, the request matches this rule if the http + host header is equal to Host.\n2. If host is a wildcard, + then the request matches this rule if the http host header\nis + to equal to the suffix (removing the first label) of the + wildcard rule." + type: string + http: + description: |- + HTTPIngressRuleValue is a list of http selectors pointing to backends. + In the example: http:///? -> backend where + where parts of the url correspond to RFC 3986, this resource will be used + to match against everything after the last '/' and before the first '?' + or '#'. + properties: + paths: + description: paths is a collection of paths that map + requests to backends. + items: + description: |- + HTTPIngressPath associates a path with a backend. Incoming urls matching the + path are forwarded to the backend. + properties: + backend: + description: |- + backend defines the referenced service endpoint to which the traffic + will be forwarded to. + properties: + resource: + description: |- + resource is an ObjectRef to another Kubernetes resource in the namespace + of the Ingress object. If resource is specified, a service.Name and + service.Port must not be specified. + This is a mutually exclusive setting with "Service". + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + service: + description: |- + service references a service as a backend. + This is a mutually exclusive setting with "Resource". + properties: + name: + description: |- + name is the referenced service. The service must exist in + the same namespace as the Ingress object. + type: string + port: + description: |- + port of the referenced service. A port name or port number + is required for a IngressServiceBackend. + properties: + name: + description: |- + name is the name of the port on the Service. + This is a mutually exclusive setting with "Number". + type: string + number: + description: |- + number is the numerical port number (e.g. 80) on the Service. + This is a mutually exclusive setting with "Name". + format: int32 + type: integer + type: object + x-kubernetes-map-type: atomic + required: + - name + type: object + type: object + path: + description: |- + path is matched against the path of an incoming request. Currently it can + contain characters disallowed from the conventional "path" part of a URL + as defined by RFC 3986. Paths must begin with a '/' and must be present + when using PathType with value "Exact" or "Prefix". + type: string + pathType: + description: |- + pathType determines the interpretation of the path matching. PathType can + be one of the following values: + * Exact: Matches the URL path exactly. + * Prefix: Matches based on a URL path prefix split by '/'. Matching is + done on a path element by element basis. A path element refers is the + list of labels in the path split by the '/' separator. A request is a + match for path p if every p is an element-wise prefix of p of the + request path. Note that if the last element of the path is a substring + of the last element in request path, it is not a match (e.g. /foo/bar + matches /foo/bar/baz, but does not match /foo/barbaz). + * ImplementationSpecific: Interpretation of the Path matching is up to + the IngressClass. Implementations can treat this as a separate PathType + or treat it identically to Prefix or Exact path types. + Implementations are required to support all path types. + type: string + required: + - backend + - pathType + type: object + type: array + x-kubernetes-list-type: atomic + required: + - paths + type: object + type: object + type: array + extraTls: + description: |- + ExtraTLS - additional TLS configuration for ingress + must be checked for correctness by user. + items: + description: IngressTLS describes the transport layer security + associated with an ingress. + properties: + hosts: + description: |- + hosts is a list of hosts included in the TLS certificate. The values in + this list must match the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller fulfilling this + Ingress, if left unspecified. + items: + type: string + type: array + x-kubernetes-list-type: atomic + secretName: + description: |- + secretName is the name of the secret used to terminate TLS traffic on + port 443. Field is left optional to allow TLS routing based on SNI + hostname alone. If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host is used for termination + and value of the "Host" header is used for routing. + type: string + type: object + type: array + host: + description: |- + Host defines ingress host parameter for default rule + It will be used, only if TlsHosts is empty + type: string + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + tlsHosts: + description: TlsHosts configures TLS access for ingress, tlsSecretName + must be defined for it. + items: + type: string + type: array + tlsSecretName: + description: |- + TlsSecretName defines secretname at the VMAuth namespace with cert and key + https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + type: string + type: object + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + internalListenPort: + description: |- + InternalListenPort instructs vmauth to serve internal routes at given port + available from v0.56.0 operator + and v1.111.0 vmauth version + related doc https://docs.victoriametrics.com/vmauth/#security + type: string + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMAuth to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMAuth pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + selectAllByDefault: + description: |- + SelectAllByDefault changes default behavior for empty CRD selectors, such userSelector. + with selectAllByDefault: true and empty userSelector and userNamespaceSelector + Operator selects all exist users + with selectAllByDefault: false - selects nothing + type: boolean + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmauth VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + unauthorizedAccessConfig: + description: |- + UnauthorizedAccessConfig configures access for un authorized users + + Deprecated: use unauthorizedUserAccessSpec instead + will be removed at v1.0 release + x-kubernetes-preserve-unknown-fields: true + unauthorizedUserAccessSpec: + description: UnauthorizedUserAccessSpec defines unauthorized_user + config section of vmauth config + properties: + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend + connection + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for + the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url_map: + items: + description: |- + UnauthorizedAccessConfigURLMap defines element of url_map routing configuration + For UnauthorizedAccessConfig and VMAuthUnauthorizedUserAccessSpec.URLMap + properties: + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, + which must match request headers. + items: + type: string + type: array + src_hosts: + description: SrcHosts is an optional list of regular expressions, + which must match the request hostname. + items: + type: string + type: array + src_paths: + description: SrcPaths is an optional list of regular expressions, + which must match the request path. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + url_prefix: + description: |- + UrlPrefix contains backend url prefixes for the proxied request url. + URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + url_prefix: + description: URLPrefix defines prefix prefix for destination + x-kubernetes-preserve-unknown-fields: true + type: object + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useProxyProtocol: + description: |- + UseProxyProtocol enables proxy protocol for vmauth + https://www.haproxy.org/download/2.3/doc/proxy-protocol.txt + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + useVMConfigReloader: + description: |- + UseVMConfigReloader replaces prometheus-like config-reloader + with vm one. It uses secrets watch instead of file watch + which greatly increases speed of config updates + type: boolean + userNamespaceSelector: + description: |- + UserNamespaceSelector Namespaces to be selected for VMAuth discovery. + Works in combination with Selector. + NamespaceSelector nil - only objects at VMAuth namespace. + Selector nil - only objects at NamespaceSelector namespaces. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + userSelector: + description: |- + UserSelector defines VMUser to be selected for config file generation. + Works in combination with NamespaceSelector. + NamespaceSelector nil - only objects at VMAuth namespace. + If both nil - behaviour controlled by selectAllByDefault + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: VMAuthStatus defines the observed state of VMAuth + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmclusters.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMCluster + listKind: VMClusterList + plural: vmclusters + singular: vmcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: replicas of VMInsert + jsonPath: .spec.vminsert.replicaCount + name: Insert Count + type: string + - description: replicas of VMStorage + jsonPath: .spec.vmstorage.replicaCount + name: Storage Count + type: string + - description: replicas of VMSelect + jsonPath: .spec.vmselect.replicaCount + name: Select Count + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Current status of cluster + jsonPath: .status.updateStatus + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMCluster is fast, cost-effective and scalable time-series database. + Cluster version with + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMClusterSpec defines the desired state of VMCluster + properties: + clusterDomainName: + description: |- + ClusterDomainName defines domain name suffix for in-cluster dns addresses + aka .cluster.local + used by vminsert and vmselect to build vmstorage address + type: string + clusterVersion: + description: |- + ClusterVersion defines default images tag for all components. + it can be overwritten with component specific image.tag value. + type: string + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + replicationFactor: + description: |- + ReplicationFactor defines how many copies of data make among + distinct storage nodes + format: int32 + type: integer + requestsLoadBalancer: + description: |- + RequestsLoadBalancer configures load-balancing for vminsert and vmselect requests. + It helps to evenly spread load across pods. + Usually it's not possible with Kubernetes TCP-based services. + See more [here](https://docs.victoriametrics.com/operator/resources/vmcluster/#requests-load-balancing) + properties: + disableInsertBalancing: + type: boolean + disableSelectBalancing: + type: boolean + enabled: + type: boolean + spec: + description: |- + VMAuthLoadBalancerSpec defines configuration spec for VMAuth used as load-balancer + for VMCluster component + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + serviceAccountName: + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + VMSelect, VMStorage and VMInsert Pods. + type: string + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vminsert: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/Cluster-VictoriaMetrics#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: HPA defines kubernetes PodAutoScaling configuration + version 2. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMInsert to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMInsert to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMInsert pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdate: + description: RollingUpdate - overrides deployment update params. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to 25%. + Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when + the rolling update starts, such that the total number of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, + new ReplicaSet can be scaled up further, ensuring that total number of pods running + at any time during the update is at most 130% of desired pods. + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. + Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods + immediately when the rolling update starts. Once new pods are ready, old ReplicaSet + can be scaled down further, followed by scaling up the new ReplicaSet, ensuring + that the total number of pods available at all times during the update is at + least 70% of desired pods. + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vminsert + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vminsert service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + updateStrategy: + description: UpdateStrategy - overrides default update strategy. + enum: + - Recreate + - RollingUpdate + type: string + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmselect: + description: VMSelect defines configuration section for vmselect components + of the victoria-metrics cluster + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + cacheMountPath: + description: |- + CacheMountPath allows to add cache persistent for VMSelect, + will use "/cache" as default if not specified. + type: string + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + type: array + clusterNativeListenPort: + description: |- + ClusterNativePort for multi-level cluster setup. + More [details](https://docs.victoriametrics.com/Cluster-VictoriaMetrics#multi-level-cluster-setup) + type: string + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + hpa: + description: |- + Configures horizontal pod autoscaling. + Note, enabling this option disables vmselect to vmselect communication. In most cases it's not an issue. + type: object + x-kubernetes-preserve-unknown-fields: true + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMSelect to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMSelect to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + persistentVolume: + description: |- + Storage - add persistent volume for cacheMountPath + its useful for persistent cache + use storage instead of persistentVolume. + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMSelect pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmselect + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmselect service + spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + StorageSpec - add persistent volume claim for cacheMountPath + its needed for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant + to an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + Spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + Status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nClaimResourceStatus + can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller + with a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing + the volume but further resizing of\n\t\tvolume is + needed on the node.\n\t- NodeResizeInProgress:\n\t\tState + set when kubelet starts resizing the volume.\n\t- + NodeResizeFailed:\n\t\tState set when resizing has + failed in kubelet with a terminal error. Transient + errors don't set\n\t\tNodeResizeFailed.\nFor example: + if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress + for the given PVC.\n\nA controller that receives + PVC update with previously unknown resourceName + or ClaimResourceStatus\nshould ignore the update + for the purpose it was designed. For example - a + controller that\nonly is responsible for resizing + capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with + PVC.\n\nThis is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- + storage - the capacity of the volume.\n\t* Custom + resources must use implementation-defined prefixed + names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or + have kubernetes.io prefix are considered\nreserved + and hence may not be used.\n\nCapacity reported + here may be larger than the actual capacity when + a volume expansion operation\nis requested.\nFor + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used.\nIf allocatedResources + is not set, PVC.spec.resources alone is used for + quota calculation.\nIf a volume expansion capacity + request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress + and if the actual volume capacity\nis equal or lower + than the requested capacity.\n\nA controller that + receives PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. + For example - a controller that\nonly is responsible + for resizing capacity of the volume, should ignore + PVC updates that change other valid\nresources associated + with PVC.\n\nThis is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time + the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is a beta field and requires enabling VolumeAttributesClass feature (off by default). + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, + such as\n the specified VolumeAttributesClass + not existing.\n - InProgress\n InProgress + indicates that the volume is being modified.\n + - Infeasible\n Infeasible indicates that the + request has been rejected as invalid by the + CSI driver. To\n\t resolve the error, a valid + VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is + the name of the VolumeAttributesClass the PVC + currently being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of + PersistentVolumeClaim. + type: string + type: object + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + vmstorage: + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + claimTemplates: + description: ClaimTemplates allows adding additional VolumeClaimTemplates + for StatefulSet + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application + container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the + node network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to + run within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: |- + LogFormat for VMStorage to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMStorage to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + maintenanceInsertNodeIDs: + description: |- + MaintenanceInsertNodeIDs - excludes given node ids from insert requests routing, must contain pod suffixes - for pod-0, id will be 0 and etc. + lets say, you have pod-0, pod-1, pod-2, pod-3. to exclude pod-0 and pod-3 from insert routing, define nodeIDs: [0,3]. + Useful at storage expanding, when you want to rebalance some data at cluster. + items: + format: int32 + type: integer + type: array + maintenanceSelectNodeIDs: + description: MaintenanceInsertNodeIDs - excludes given node ids + from select requests routing, must contain pod suffixes - for + pod-0, id will be 0 and etc. + items: + format: int32 + type: integer + type: array + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podDisruptionBudget: + description: PodDisruptionBudget created by operator + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at most "maxUnavailable" pods selected by + "selector" are unavailable after the eviction, i.e. even in absence of + the evicted pod. For example, one can prevent all voluntary evictions + by specifying 0. This is a mutually exclusive setting with "minAvailable". + x-kubernetes-int-or-string: true + minAvailable: + anyOf: + - type: integer + - type: string + description: |- + An eviction is allowed if at least "minAvailable" pods selected by + "selector" will still be available after the eviction, i.e. even in the + absence of the evicted pod. So for example you can prevent all voluntary + evictions by specifying "100%". + x-kubernetes-int-or-string: true + selectorLabels: + additionalProperties: + type: string + description: |- + replaces default labels selector generated by operator + it's useful when you need to create custom budget + type: object + type: object + podMetadata: + description: PodMetadata configures Labels and Annotations which + are propagated to the VMStorage pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod + condition + properties: + conditionType: + description: ConditionType refers to a condition in the + pod's condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + rollingUpdateStrategy: + description: |- + RollingUpdateStrategy defines strategy for application updates + Default is OnDelete, in this case operator handles update process + Can be changed for RollingUpdate + type: string + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmstorage + VMServiceScrape spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be create additional service + for vmstorage + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for + additional service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage - add persistent volume for StorageDataPath + its useful for persistent cache + properties: + disableMountSubPath: + description: |- + Deprecated: subPath usage will be disabled by default in a future release, this option will become unnecessary. + DisableMountSubPath allows to remove any subPath usage in volume mounts. + type: boolean + emptyDir: + description: |- + EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the VMAlertManager StatefulSets. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + storageDataPath: + description: StorageDataPath - path to storage data + type: string + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container + graceful termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher + concurrency may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible + storages (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default + false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + + it's repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/vmbackupmanager#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore + on pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot + create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot + delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + vmInsertPort: + description: VMInsertPort for VMInsert connections + type: string + vmSelectPort: + description: VMSelectPort for VMSelect connections + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + status: + description: VMClusterStatus defines the observed state of VMCluster + properties: + clusterStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmnodescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMNodeScrape + listKind: VMNodeScrapeList + plural: vmnodescrapes + singular: vmnodescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMNodeScrape defines discovery for targets placed on kubernetes nodes, + usually its node-exporters and other host services. + InternalIP is used as __address__ for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMNodeScrapeSpec defines specification for VMNodeScrape. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobLabel: + description: The label to use to retrieve the job name from. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Node. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + selector: + description: Selector to select kubernetes Nodes. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Node + onto the target. + items: + type: string + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmpodscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMPodScrape + listKind: VMPodScrapeList + plural: vmpodscrapes + singular: vmpodscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMPodScrape is scrape configuration for pods, + it generates vmagent's config for scraping pod targets + based on selectors. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMPodScrapeSpec defines the desired state of VMPodScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of + a Kubernetes Pod serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filterRunning: + description: |- + FilterRunning applies filter with pod status == running + it prevents from scrapping metrics at failed or succeed state pods. + enabled by default + type: boolean + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Pod. + type: string + portNumber: + description: PortNumber defines the `Pod` port number which + exposes the endpoint. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort defines name or number of the pod port this endpoint refers to. + Mutually exclusive with Port and PortNumber. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + required: + - podMetricsEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmprobes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMProbe + listKind: VMProbeList + plural: vmprobes + singular: vmprobe + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMProbe defines a probe for targets, that will be executed with prober, + like blackbox exporter. + It helps to monitor reachability of target with various checks. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMProbeSpec contains specification parameters for a Probe. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + module: + description: |- + The module to use for probing specifying how to probe the target. + Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml + type: string + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets defines a set of static and/or dynamically discovered + targets to be probed using the prober. + properties: + ingress: + description: Ingress defines the set of dynamically discovered + ingress objects which hosts are considered for probing. + properties: + namespaceSelector: + description: Select Ingress objects by namespace. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Select Ingress objects by labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + staticConfig: + description: StaticConfig defines static targets which are considers + for probing. + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + targets: + description: Targets is a list of URLs to probe using the + configured prober. + items: + type: string + type: array + required: + - targets + type: object + type: object + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + vmProberSpec: + description: |- + Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if left empty. + properties: + path: + description: |- + Path to collect metrics from. + Defaults to `/probe`. + type: string + scheme: + description: |- + HTTP scheme to use for scraping. + Defaults to `http`. + enum: + - http + - https + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + required: + - vmProberSpec + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmrules.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMRule + listKind: VMRuleList + plural: vmrules + singular: vmrule + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMRule defines rule records for vmalert application + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMRuleSpec defines the desired state of VMRule + properties: + groups: + description: Groups list of group rules + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + concurrency: + description: Concurrency defines how many rules execute at once. + type: integer + eval_alignment: + description: |- + Optional + The evaluation timestamp will be aligned with group's interval, + instead of using the actual timestamp that evaluation happens at. + It is enabled by default to get more predictable results + and to visually align with graphs plotted via Grafana or vmui. + type: boolean + eval_delay: + description: |- + Optional + Adjust the `time` parameter of group evaluation requests to compensate intentional query delay from the datasource. + type: string + eval_offset: + description: |- + Optional + Group will be evaluated at the exact offset in the range of [0...interval]. + type: string + extra_filter_labels: + additionalProperties: + type: string + description: |- + ExtraFilterLabels optional list of label filters applied to every rule's + request within a group. Is compatible only with VM datasource. + See more details [here](https://docs.victoriametrics.com/#prometheus-querying-api-enhancements) + Deprecated: use params instead + type: object + headers: + description: |- + Headers contains optional HTTP headers added to each rule request + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + interval: + description: evaluation interval for group + type: string + labels: + additionalProperties: + type: string + description: |- + Labels optional list of labels added to every rule within a group. + It has priority over the external labels. + Labels are commonly used for adding environment + or tenant-specific tag. + type: object + limit: + description: |- + Limit the number of alerts an alerting rule and series a recording + rule can produce + type: integer + name: + description: Name of group + type: string + notifier_headers: + description: |- + NotifierHeaders contains optional HTTP headers added to each alert request which will send to notifier + Must be in form `header-name: value` + For example: + headers: + - "CustomHeader: foo" + - "CustomHeader2: bar" + items: + type: string + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Params optional HTTP URL parameters added to each + rule request + type: object + rules: + description: Rules list of alert rules + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + description: Alert is a name for alert + type: string + annotations: + additionalProperties: + type: string + description: Annotations will be added to rule configuration + type: object + debug: + description: |- + Debug enables logging for rule + it useful for tracking + type: boolean + expr: + description: Expr is query, that will be evaluated at + dataSource + type: string + for: + description: |- + For evaluation interval in time.Duration format + 30s, 1m, 1h or nanoseconds + type: string + keep_firing_for: + description: |- + KeepFiringFor will make alert continue firing for this long + even when the alerting expression no longer has results. + Use time.Duration format, 30s, 1m, 1h or nanoseconds + type: string + labels: + additionalProperties: + type: string + description: Labels will be added to rule configuration + type: object + record: + description: Record represents a query, that will be recorded + to dataSource + type: string + update_entries_limit: + description: |- + UpdateEntriesLimit defines max number of rule's state updates stored in memory. + Overrides `-rule.updateEntriesLimit` in vmalert. + type: integer + type: object + type: array + tenant: + description: |- + Tenant id for group, can be used only with enterprise version of vmalert. + See more details [here](https://docs.victoriametrics.com/vmalert#multitenancy). + type: string + type: + description: |- + Type defines datasource type for enterprise version of vmalert + possible values - prometheus,graphite,vlogs + type: string + required: + - name + - rules + type: object + type: array + required: + - groups + type: object + status: + description: VMRuleStatus defines the observed state of VMRule + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmscrapeconfigs.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMScrapeConfig + listKind: VMScrapeConfigList + plural: vmscrapeconfigs + singular: vmscrapeconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMScrapeConfig specifies a set of targets and parameters describing + how to scrape them. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMScrapeConfigSpec defines the desired state of VMScrapeConfig + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + azureSDConfigs: + description: AzureSDConfigs defines a list of Azure service discovery + configurations. + items: + description: |- + AzureSDConfig allow retrieving scrape targets from Azure VMs. + See [here](https://docs.victoriametrics.com/sd_configs#azure_sd_configs) + properties: + authenticationMethod: + description: |- + # The authentication method, either OAuth or ManagedIdentity. + See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview + enum: + - OAuth + - ManagedIdentity + type: string + clientID: + description: Optional client ID. Only required with the OAuth + authentication method. + type: string + clientSecret: + description: Optional client secret. Only required with the + OAuth authentication method. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + environment: + description: The Azure environment. + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + resourceGroup: + description: Optional resource group name. Limits discovery + to this resource group. + type: string + subscriptionID: + description: The subscription ID. Always required. + minLength: 1 + type: string + tenantID: + description: Optional tenant ID. Only required with the OAuth + authentication method. + type: string + required: + - subscriptionID + type: object + type: array + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + consulSDConfigs: + description: ConsulSDConfigs defines a list of Consul service discovery + configurations. + items: + description: |- + ConsulSDConfig defines a Consul service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs/#consul_sd_configs) + properties: + allowStale: + description: |- + Allow stale Consul results (see https://developer.hashicorp.com/consul/api-docs/features/consistency ). Will reduce load on Consul. + If unset, use its default value. + type: boolean + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + datacenter: + description: Consul Datacenter name, if not provided it will + use the local Consul Agent Datacenter. + type: string + filter: + description: |- + Filter defines filter for /v1/catalog/services requests + See https://developer.hashicorp.com/consul/api-docs/features/filtering + type: string + followRedirects: + description: |- + Configure whether HTTP requests follow HTTP 3xx redirects. + If unset, use its default value. + type: boolean + namespace: + description: Namespaces are only supported in Consul Enterprise. + type: string + nodeMeta: + additionalProperties: + type: string + description: Node metadata key/value pairs to filter nodes for + a given service. + type: object + x-kubernetes-map-type: atomic + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + partition: + description: Admin Partitions are only supported in Consul Enterprise. + type: string + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + scheme: + description: HTTP Scheme default "http" + enum: + - HTTP + - HTTPS + type: string + server: + description: A valid string consisting of a hostname or IP followed + by an optional port number. + minLength: 1 + type: string + services: + description: A list of services for which targets are retrieved. + If omitted, all services are scraped. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tagSeparator: + description: |- + The string by which Consul tags are joined into the tag label. + If unset, use its default value. + type: string + tags: + description: An optional list of tags used to filter nodes for + a given service. Services must contain all tags in the list. + items: + type: string + type: array + x-kubernetes-list-type: atomic + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: Consul ACL TokenRef, if not provided it will use + the ACL from the local Consul Agent. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - server + type: object + type: array + digitalOceanSDConfigs: + description: DigitalOceanSDConfigs defines a list of DigitalOcean + service discovery configurations. + items: + description: |- + DigitalOceanSDConfig allow retrieving scrape targets from DigitalOcean's Droplets API. + This service discovery uses the public IPv4 address by default, by that can be changed with relabeling. + See [here](https://docs.victoriametrics.com/sd_configs#digitalocean_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + port: + description: The port to scrape metrics from. + type: integer + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + dnsSDConfigs: + description: DNSSDConfigs defines a list of DNS service discovery + configurations. + items: + description: |- + DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. + The DNS servers to be contacted are read from /etc/resolv.conf. + See [here](https://docs.victoriametrics.com/sd_configs#dns_sd_configs) + properties: + names: + description: A list of DNS domain names to be queried. + items: + type: string + minItems: 1 + type: array + port: + description: |- + The port number used if the query type is not SRV + Ignored for SRV records + type: integer + type: + enum: + - SRV + - A + - AAAA + - MX + type: string + required: + - names + type: object + type: array + ec2SDConfigs: + description: EC2SDConfigs defines a list of EC2 service discovery + configurations. + items: + description: |- + EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. + The private IP address is used by default, but may be changed to the public IP address with relabeling. + The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets. + See [here](https://docs.victoriametrics.com/sd_configs#ec2_sd_configs) + properties: + accessKey: + description: AccessKey is the AWS API key. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + filters: + description: |- + Filters can be used optionally to filter the instance list by other criteria. + Available filter criteria can be found here: + https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html + Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html + items: + description: EC2Filter is the configuration for filtering + EC2 instances. + properties: + name: + type: string + values: + items: + type: string + type: array + required: + - name + - values + type: object + type: array + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + region: + description: The AWS region + type: string + roleARN: + description: AWS Role ARN, an alternative to using AWS API keys. + type: string + secretKey: + description: SecretKey is the AWS API secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + fileSDConfigs: + description: FileSDConfigs defines a list of file service discovery + configurations. + items: + description: |- + FileSDConfig defines a file service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs#file_sd_configs) + properties: + files: + description: List of files to be used for file discovery. + items: + type: string + minItems: 1 + type: array + required: + - files + type: object + type: array + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + gceSDConfigs: + description: GCESDConfigs defines a list of GCE service discovery + configurations. + items: + description: |- + GCESDConfig configures scrape targets from GCP GCE instances. + The private IP address is used by default, but may be changed to + the public IP address with relabeling. + See [here](https://docs.victoriametrics.com/sd_configs#gce_sd_configs) + + The GCE service discovery will load the Google Cloud credentials + from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. + See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform + properties: + filter: + description: |- + Filter can be used optionally to filter the instance list by other criteria + Syntax of this filter is described in the filter query parameter section: + https://cloud.google.com/compute/docs/reference/latest/instances/list + type: string + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + project: + description: The Google Cloud Project ID + minLength: 1 + type: string + tagSeparator: + description: The tag separator is used to separate the tags + on concatenation + type: string + zone: + description: The zone of the scrape targets. If you need multiple + zones use multiple GCESDConfigs. + x-kubernetes-preserve-unknown-fields: true + required: + - project + - zone + type: object + type: array + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects the + timestamps present in scraped data. + type: boolean + httpSDConfigs: + description: HTTPSDConfigs defines a list of HTTP service discovery + configurations. + items: + description: |- + HTTPSDConfig defines a HTTP service discovery configuration. + See [here](https://docs.victoriametrics.com/sd_configs#http_sd_configs) + properties: + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: URL from which the targets are fetched. + minLength: 1 + pattern: ^http(s)?://.+$ + type: string + required: + - url + type: object + type: array + interval: + description: Interval at which metrics should be scraped + type: string + kubernetesSDConfigs: + description: KubernetesSDConfigs defines a list of Kubernetes service + discovery configurations. + items: + description: |- + KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. + See [here](https://docs.victoriametrics.com/sd_configs#kubernetes_sd_configs) + properties: + apiServer: + description: |- + The API server address consisting of a hostname or IP address followed + by an optional port number. + If left empty, assuming process is running inside + of the cluster. It will discover API servers automatically and use the pod's + CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + type: string + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization header to use on every scrape request. + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth information to use on every scrape request. + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + followRedirects: + description: Configure whether HTTP requests follow HTTP 3xx + redirects. + type: boolean + namespaces: + description: Optional namespace discovery. If omitted, discover + targets across all namespaces. + properties: + names: + description: |- + List of namespaces where to watch for resources. + If empty and `ownNamespace` isn't true, watch for resources in all namespaces. + items: + type: string + type: array + ownNamespace: + description: Includes the namespace in which the pod exists + to the list of watched namespaces. + type: boolean + type: object + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See [feature description](https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy) + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + role: + description: Role of the Kubernetes entities that should be + discovered. + type: string + selectors: + description: Selector to select objects. + items: + description: K8SSelectorConfig is Kubernetes Selector Config + properties: + field: + type: string + label: + type: string + role: + type: string + required: + - role + type: object + type: array + x-kubernetes-list-map-keys: + - role + x-kubernetes-list-type: map + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - role + type: object + type: array + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped data + for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + openstackSDConfigs: + description: OpenStackSDConfigs defines a list of OpenStack service + discovery configurations. + items: + description: |- + OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. + See [here](https://docs.victoriametrics.com/sd_configs#openstack_sd_configs) + properties: + allTenants: + description: |- + Whether the service discovery should list all instances for all projects. + It is only relevant for the 'instance' role and usually requires admin permissions. + type: boolean + applicationCredentialId: + description: ApplicationCredentialID + type: string + applicationCredentialName: + description: |- + The ApplicationCredentialID or ApplicationCredentialName fields are + required if using an application credential to authenticate. Some providers + allow you to create an application credential to authenticate rather than a + password. + type: string + applicationCredentialSecret: + description: |- + The applicationCredentialSecret field is required if using an application + credential to authenticate. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + availability: + description: Availability of the endpoint to connect to. + enum: + - Public + - public + - Admin + - admin + - Internal + - internal + type: string + domainID: + description: DomainID + type: string + domainName: + description: |- + At most one of domainId and domainName must be provided if using username + with Identity V3. Otherwise, either are optional. + type: string + identityEndpoint: + description: |- + IdentityEndpoint specifies the HTTP endpoint that is required to work with + the Identity API of the appropriate version. + type: string + password: + description: |- + Password for the Identity V2 and V3 APIs. Consult with your provider's + control panel to discover your account's preferred method of authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + port: + description: |- + The port to scrape metrics from. If using the public IP address, this must + instead be specified in the relabeling rule. + type: integer + projectID: + description: ' ProjectID' + type: string + projectName: + description: |- + The ProjectId and ProjectName fields are optional for the Identity V2 API. + Some providers allow you to specify a ProjectName instead of the ProjectId. + Some require both. Your provider's authentication policies will determine + how these fields influence authentication. + type: string + region: + description: The OpenStack Region. + minLength: 1 + type: string + role: + description: The OpenStack role of entities that should be discovered. + enum: + - Instance + - instance + - Hypervisor + - hypervisor + type: string + tlsConfig: + description: TLS configuration to use on every scrape request + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + userid: + description: UserID + type: string + username: + description: |- + Username is required if using Identity V2 API. Consult with your provider's + control panel to discover your account's username. + In Identity V3, either userid or a combination of username + and domainId or domainName are needed + type: string + required: + - region + - role + type: object + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes to + proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. Default + is 'replace' + type: string + if: + description: 'If represents metricsQL match expression (or list + of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + staticConfigs: + description: StaticConfigs defines a list of static targets with a + common label set. + items: + description: |- + StaticConfig defines a static configuration. + See [here](https://docs.victoriametrics.com/sd_configs#static_configs) + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + x-kubernetes-map-type: atomic + targets: + description: List of targets for this static configuration. + items: + type: string + type: array + type: object + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the endpoint + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific scrape + parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmservicescrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMServiceScrape + listKind: VMServiceScrapeList + plural: vmservicescrapes + singular: vmservicescrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + VMServiceScrape is scrape configuration for endpoints associated with + kubernetes service, + it generates scrape configuration for vmagent based on selectors. + result config will scrape service endpoints + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMServiceScrapeSpec defines the desired state of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from service + discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + discoveryRole: + description: |- + DiscoveryRole - defines kubernetes_sd role for objects discovery. + by default, its endpoints. + can be changed to service or endpointslices. + note, that with service setting, you have to use port: "name" + and cannot use targetPort for endpoints. + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part of this ServiceScrape. + items: + description: Endpoint defines a scrapeable endpoint serving metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching from + service discovery + properties: + node: + description: |- + Node instructs vmagent to add node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice. + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port exposed at Service. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: |- + TargetPort + Name or number of the pod port this endpoint refers to. Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects by corresponding + Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmsingles.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMSingle + listKind: VMSingleList + plural: vmsingles + singular: vmsingle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current status of single node update process + jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VMSingle is fast, cost-effective and scalable time-series database. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMSingleSpec defines the desired state of VMSingle + properties: + affinity: + description: Affinity If specified, the pod's scheduling constraints. + type: object + x-kubernetes-preserve-unknown-fields: true + configMaps: + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/configs/CONFIGMAP_NAME folder + items: + type: string + type: array + containers: + description: |- + Containers property allows to inject additions sidecars or to patch existing containers. + It can be useful for proxies, backup, etc. + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + disableAutomountServiceAccountToken: + description: |- + DisableAutomountServiceAccountToken whether to disable serviceAccount auto mount by Kubernetes (available from v0.54.0). + Operator will conditionally create volumes and volumeMounts for containers if it requires k8s API access. + For example, vmagent and vm-config-reloader requires k8s API access. + Operator creates volumes with name: "kube-api-access", which can be used as volumeMount for extraContainers if needed. + And also adds VolumeMounts at /var/run/secrets/kubernetes.io/serviceaccount. + type: boolean + disableSelfServiceScrape: + description: |- + DisableSelfServiceScrape controls creation of VMServiceScrape by operator + for the application. + Has priority over `VM_DISABLESELFSERVICESCRAPECREATION` operator env variable + type: boolean + dnsConfig: + description: |- + Specifies the DNS parameters of a pod. + Parameters specified here will be merged to the generated DNS + configuration based on DNSPolicy. + items: + x-kubernetes-preserve-unknown-fields: true + properties: + nameservers: + description: |- + A list of DNS name server IP addresses. + This will be appended to the base nameservers generated from DNSPolicy. + Duplicated nameservers will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + options: + description: |- + A list of DNS resolver options. + This will be merged with the base options generated from DNSPolicy. + Duplicated entries will be removed. Resolution options given in Options + will override those that appear in the base DNSPolicy. + items: + description: PodDNSConfigOption defines DNS resolver options + of a pod. + properties: + name: + description: |- + Name is this DNS resolver option's name. + Required. + type: string + value: + description: Value is this DNS resolver option's value. + type: string + type: object + type: array + x-kubernetes-list-type: atomic + searches: + description: |- + A list of DNS search domains for host-name lookup. + This will be appended to the base search paths generated from DNSPolicy. + Duplicated search paths will be removed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + dnsPolicy: + description: DNSPolicy sets DNS policy for the pod + type: string + extraArgs: + additionalProperties: + type: string + description: |- + ExtraArgs that will be passed to the application container + for example remoteWrite.tmpDataPath: /tmp + type: object + extraEnvs: + description: ExtraEnvs that will be passed to the application container + items: + description: EnvVar represents an environment variable present in + a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key in + the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + host_aliases: + description: |- + HostAliasesUnderScore provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + Has Priority over hostAliases field + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostAliases: + description: |- + HostAliases provides mapping for ip and hostname, + that would be propagated to pod, + cannot be used with HostNetwork. + items: + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + x-kubernetes-list-type: atomic + ip: + description: IP address of the host file entry. + type: string + required: + - ip + type: object + type: array + hostNetwork: + description: HostNetwork controls whether the pod may use the node + network namespace + type: boolean + image: + description: |- + Image - docker image settings + if no specified operator uses default version from operator config + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's repository + if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + imagePullSecrets: + description: |- + ImagePullSecrets An optional list of references to secrets in the same namespace + to use for pulling images from registries + see https://kubernetes.io/docs/concepts/containers/images/#referring-to-an-imagepullsecrets-on-a-pod + items: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: |- + InitContainers allows adding initContainers to the pod definition. + Any errors during the execution of an initContainer will lead to a restart of the Pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + items: + description: A single application container that you want to run + within a pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + insertPorts: + description: InsertPorts - additional listen ports for data ingestion. + properties: + graphitePort: + description: GraphitePort listen port + type: string + influxPort: + description: InfluxPort listen port + type: string + openTSDBHTTPPort: + description: OpenTSDBHTTPPort for http connections. + type: string + openTSDBPort: + description: OpenTSDBPort for tcp and udp listen + type: string + type: object + license: + description: |- + License allows to configure license key to be used for enterprise features. + Using license key is supported starting from VictoriaMetrics v1.94.0. + See [here](https://docs.victoriametrics.com/enterprise) + properties: + forceOffline: + description: Enforce offline verification of the license key. + type: boolean + key: + description: |- + Enterprise license key. This flag is available only in [VictoriaMetrics enterprise](https://docs.victoriametrics.com/enterprise). + To request a trial license, [go to](https://victoriametrics.com/products/enterprise/trial) + type: string + keyRef: + description: KeyRef is reference to secret with license key for + enterprise features. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + reloadInterval: + description: Interval to be used for checking for license key + changes. Note that this is only applicable when using KeyRef. + type: string + type: object + livenessProbe: + description: LivenessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + logFormat: + description: LogFormat for VMSingle to be configured with. + enum: + - default + - json + type: string + logLevel: + description: LogLevel for victoria metrics single to be configured + with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + managedMetadata: + description: |- + ManagedMetadata defines metadata that will be added to the all objects + created by operator for the given CustomResource + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + type: object + minReadySeconds: + description: |- + MinReadySeconds defines a minimum number of seconds to wait before starting update next pod + if previous in healthy state + Has no effect for VLogs and VMSingle + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: NodeSelector Define which Nodes the Pods are scheduled + on. + type: object + paused: + description: |- + Paused If set to true all actions on the underlying managed objects are not + going to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the VMSingle pods. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + port: + description: Port listen address + type: string + priorityClassName: + description: PriorityClassName class assigned to the Pods + type: string + readinessGates: + description: ReadinessGates defines pod readiness gates + items: + description: PodReadinessGate contains the reference to a pod condition + properties: + conditionType: + description: ConditionType refers to a condition in the pod's + condition list with matching type. + type: string + required: + - conditionType + type: object + type: array + readinessProbe: + description: ReadinessProbe that will be added CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + removePvcAfterDelete: + description: |- + RemovePvcAfterDelete - if true, controller adds ownership to pvc + and after VMSingle object deletion - pvc will be garbage collected + by controller manager + type: boolean + replicaCount: + description: ReplicaCount is the expected size of the Application. + format: int32 + type: integer + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + retentionPeriod: + description: |- + RetentionPeriod defines how long to retain stored metrics, specified as a duration (e.g., "1d", "1w", "1m"). + Data with timestamps outside the RetentionPeriod is automatically deleted. The minimum allowed value is 1d, or 24h. + The default value is 1 (one month). + See [retention](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#retention) docs for details. + pattern: ^[0-9]+(h|d|w|y)?$ + type: string + revisionHistoryLimitCount: + description: |- + The number of old ReplicaSets to retain to allow rollback in deployment or + maximum number of revisions that will be maintained in the Deployment revision history. + Has no effect at StatefulSets + Defaults to 10. + format: int32 + type: integer + runtimeClassName: + description: |- + RuntimeClassName - defines runtime class for kubernetes pod. + https://kubernetes.io/docs/concepts/containers/runtime-class/ + type: string + schedulerName: + description: SchedulerName - defines kubernetes scheduler name + type: string + secrets: + description: |- + Secrets is a list of Secrets in the same namespace as the Application + object, which shall be mounted into the Application container + at /etc/vm/secrets/SECRET_NAME folder + items: + type: string + type: array + securityContext: + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. + type: object + x-kubernetes-preserve-unknown-fields: true + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the pods + type: string + serviceScrapeSpec: + description: ServiceScrapeSpec that will be added to vmsingle VMServiceScrape + spec + required: + - endpoints + type: object + x-kubernetes-preserve-unknown-fields: true + serviceSpec: + description: ServiceSpec that will be added to vmsingle service spec + properties: + metadata: + description: EmbeddedObjectMetadata defines objectMeta for additional + service. + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + spec: + description: |- + ServiceSpec describes the attributes that a user creates on a service. + More info: https://kubernetes.io/docs/concepts/services-networking/service/ + type: object + x-kubernetes-preserve-unknown-fields: true + useAsDefault: + description: |- + UseAsDefault applies changes from given service definition to the main object Service + Changing from headless service to clusterIP or loadbalancer may break cross-component communication + type: boolean + required: + - spec + type: object + startupProbe: + description: StartupProbe that will be added to CRD pod + type: object + x-kubernetes-preserve-unknown-fields: true + storage: + description: |- + Storage is the definition of how storage will be used by the VMSingle + by default it`s empty dir + this option is ignored if storageDataPath is set + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + storageDataPath: + description: |- + StorageDataPath disables spec.storage option and overrides arg for victoria-metrics binary --storageDataPath, + its users responsibility to mount proper device into given path. + It requires to provide spec.volumes and spec.volumeMounts with at least 1 value + type: string + storageMetadata: + description: StorageMeta defines annotations and labels attached to + PVC for given vmsingle CR + properties: + annotations: + additionalProperties: + type: string + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + type: object + labels: + additionalProperties: + type: string + description: |- + Labels Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + type: object + name: + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names + type: string + type: object + streamAggrConfig: + description: StreamAggrConfig defines stream aggregation configuration + for VMSingle + properties: + configmap: + description: ConfigMap with stream aggregation rules + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + dedupInterval: + description: Allows setting different de-duplication intervals + per each configured remote storage + type: string + dropInput: + description: Allow drop all the input samples after the aggregation + type: boolean + dropInputLabels: + description: labels to drop from samples for aggregator before + stream de-duplication and aggregation + items: + type: string + type: array + enableWindows: + description: EnableWindows enables aggregating data in separate + windows ( available from v0.54.0). + type: boolean + ignoreFirstIntervals: + description: IgnoreFirstIntervals instructs to ignore first interval + type: integer + ignoreOldSamples: + description: IgnoreOldSamples instructs to ignore samples with + old timestamps outside the current aggregation interval. + type: boolean + keepInput: + description: Allows writing both raw and aggregate data + type: boolean + rules: + description: Stream aggregation rules + items: + description: StreamAggrRule defines the rule in stream aggregation + config + properties: + by: + description: |- + By is an optional list of labels for grouping input series. + + See also Without. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + dedup_interval: + description: DedupInterval is an optional interval for deduplication. + type: string + drop_input_labels: + description: |- + DropInputLabels is an optional list with labels, which must be dropped before further processing of input samples. + + Labels are dropped before de-duplication and aggregation. + items: + type: string + type: array + enable_windows: + description: EnableWindows enables aggregating data in separate + windows + type: boolean + flush_on_shutdown: + description: |- + FlushOnShutdown defines whether to flush the aggregation state on process termination + or config reload. Is `false` by default. + It is not recommended changing this setting, unless unfinished aggregations states + are preferred to missing data points. + type: boolean + ignore_first_intervals: + type: integer + ignore_old_samples: + description: IgnoreOldSamples instructs to ignore samples + with old timestamps outside the current aggregation interval. + type: boolean + input_relabel_configs: + description: |- + InputRelabelConfigs is an optional relabeling rules, which are applied on the input + before aggregation. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + interval: + description: Interval is the interval between aggregations. + type: string + keep_metric_names: + description: KeepMetricNames instructs to leave metric names + as is for the output time series without adding any suffix. + type: boolean + match: + description: |- + Match is a label selector (or list of label selectors) for filtering time series for the given selector. + + If the match isn't set, then all the input time series are processed. + x-kubernetes-preserve-unknown-fields: true + no_align_flush_to_interval: + description: |- + NoAlignFlushToInterval disables aligning of flushes to multiples of Interval. + By default flushes are aligned to Interval. + type: boolean + output_relabel_configs: + description: |- + OutputRelabelConfigs is an optional relabeling rules, which are applied + on the aggregated output before being sent to remote storage. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for + `action: graphite`' + type: object + match: + description: 'Match is used together with Labels for + `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + outputs: + description: |- + Outputs is a list of output aggregate functions to produce. + + The following names are allowed: + + - total - aggregates input counters + - increase - counts the increase over input counters + - count_series - counts the input series + - count_samples - counts the input samples + - sum_samples - sums the input samples + - last - the last biggest sample value + - min - the minimum sample value + - max - the maximum sample value + - avg - the average value across all the samples + - stddev - standard deviation across all the samples + - stdvar - standard variance across all the samples + - histogram_bucket - creates VictoriaMetrics histogram for input samples + - quantiles(phi1, ..., phiN) - quantiles' estimation for phi in the range [0..1] + + The output time series will have the following names: + + input_name:aggr__ + items: + type: string + type: array + staleness_interval: + description: |- + Staleness interval is interval after which the series state will be reset if no samples have been sent during it. + The parameter is only relevant for outputs: total, total_prometheus, increase, increase_prometheus and histogram_bucket. + type: string + without: + description: |- + Without is an optional list of labels, which must be excluded when grouping input series. + + See also By. + + If neither By nor Without are set, then the Outputs are calculated + individually per each input time series. + items: + type: string + type: array + required: + - interval + - outputs + type: object + type: array + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds period for container graceful + termination + format: int64 + type: integer + tolerations: + description: Tolerations If specified, the pod's tolerations. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: |- + TopologySpreadConstraints embedded kubernetes pod configuration option, + controls how pods are spread across your cluster among failure-domains + such as regions, zones, nodes, and other user-defined topology domains + https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + useDefaultResources: + description: |- + UseDefaultResources controls resource settings + By default, operator sets built-in resource requirements + type: boolean + useStrictSecurity: + description: |- + UseStrictSecurity enables strict security mode for component + it restricts disk writes access + uses non-root user out of the box + drops not needed security permissions + type: boolean + vmBackup: + description: VMBackup configuration for backup + properties: + acceptEULA: + description: |- + AcceptEULA accepts enterprise feature usage, must be set to true. + otherwise backupmanager cannot be added to single/cluster version. + https://victoriametrics.com/legal/esa/ + type: boolean + concurrency: + description: Defines number of concurrent workers. Higher concurrency + may reduce backup duration (default 10) + format: int32 + type: integer + credentialsSecret: + description: |- + CredentialsSecret is secret in the same namespace for access to remote storage + The secret is mounted into /etc/vm/creds. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + customS3Endpoint: + description: Custom S3 endpoint for use with S3-compatible storages + (e.g. MinIO). S3 is used if not set + type: string + destination: + description: Defines destination for backup + type: string + destinationDisableSuffixAdd: + description: |- + DestinationDisableSuffixAdd - disables suffix adding for cluster version backups + each vmstorage backup must have unique backup folder + so operator adds POD_NAME as suffix for backup destination folder. + type: boolean + disableDaily: + description: Defines if daily backups disabled (default false) + type: boolean + disableHourly: + description: Defines if hourly backups disabled (default false) + type: boolean + disableMonthly: + description: Defines if monthly backups disabled (default false) + type: boolean + disableWeekly: + description: Defines if weekly backups disabled (default false) + type: boolean + extraArgs: + additionalProperties: + type: string + description: extra args like maxBytesPerSecond default 0 + type: object + extraEnvs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + extraEnvsFrom: + description: |- + ExtraEnvsFrom defines source of env variables for the application container + could either be secret or configmap + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: Image - docker image settings for VMBackuper + properties: + pullPolicy: + description: PullPolicy describes how to pull docker image + type: string + repository: + description: Repository contains name of docker image + it's + repository if needed + type: string + tag: + description: Tag contains desired docker image version + type: string + type: object + logFormat: + description: |- + LogFormat for VMBackup to be configured with. + default or json + enum: + - default + - json + type: string + logLevel: + description: LogLevel for VMBackup to be configured with. + enum: + - INFO + - WARN + - ERROR + - FATAL + - PANIC + type: string + port: + description: Port for health check connections + type: string + resources: + description: |- + Resources container resource request and limits, https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + if not defined default resources from operator config will be used + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restore: + description: |- + Restore Allows to enable restore options for pod + Read [more](https://docs.victoriametrics.com/vmbackupmanager#restore-commands) + properties: + onStart: + description: OnStart defines configuration for restore on + pod start + properties: + enabled: + description: Enabled defines if restore on start enabled + type: boolean + type: object + type: object + snapshotCreateURL: + description: SnapshotCreateURL overwrites url for snapshot create + type: string + snapshotDeleteURL: + description: SnapShotDeleteURL overwrites url for snapshot delete + type: string + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment definition. + VolumeMounts specified will be appended to other VolumeMounts in the vmbackupmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + type: object + volumeMounts: + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output Deployment/StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the Application container + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: |- + Volumes allows configuration of additional volumes on the output Deployment/StatefulSet definition. + Volumes specified will be appended to other volumes that are generated. + / +optional + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + required: + - name + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + status: + description: VMSingleStatus defines the observed state of VMSingle + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + singleStatus: + description: LegacyStatus is deprecated and will be removed at v0.52.0 + version + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmstaticscrapes.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMStaticScrape + listKind: VMStaticScrapeList + plural: vmstaticscrapes + singular: vmstaticscrape + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMStaticScrape defines static targets configuration for scraping. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMStaticScrapeSpec defines the desired state of VMStaticScrape. + properties: + jobName: + description: JobName name of job. + type: string + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targetEndpoints: + description: A list of target endpoints to scrape metrics from. + items: + description: TargetEndpoint defines single static target endpoint. + properties: + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value for authorization + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default to bearer + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the scrape object and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + labels: + additionalProperties: + type: string + description: Labels static labels for targets. + type: object + max_scrape_size: + description: MaxScrapeSize defines a maximum size of scraped + data for a job + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples after + scrapping. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for client secret + file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + proxy_url: + description: |- + The proxy URL for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + type: string + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tls_config: + description: |- + TLSConfig for token_url connection + ( available from v0.55.0). + Is only supported by Scrape objects family + x-kubernetes-preserve-unknown-fields: true + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelConfigs: + description: RelabelConfigs to apply to samples during service + discovery. + items: + description: |- + RelabelConfig allows dynamic rewriting of the label set + More info: https://docs.victoriametrics.com/#relabeling + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + if: + description: 'If represents metricsQL match expression + (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with Match for `action: + graphite`' + type: object + match: + description: 'Match is used together with Labels for `action: + graphite`' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: |- + Regular expression against which the extracted value is matched. Default is '(.*)' + victoriaMetrics supports multiline regex joined with | + https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: |- + Replacement value against which a regex replace is performed if the + regular expression matches. Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + source_labels: + description: |- + UnderScoreSourceLabels - additional form of source labels source_labels + for compatibility with original relabel config. + if set both sourceLabels and source_labels, sourceLabels has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: |- + The source labels select values from existing labels. Their content is concatenated + using the configured separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: |- + UnderScoreTargetLabel - additional form of target label - target_label + for compatibility with original relabel config. + if set both targetLabel and target_label, targetLabel has priority. + for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: |- + Label to which the resulting value is written in a replace action. + It is mandatory for replace actions. Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + - HTTPS + - HTTP + type: string + scrape_interval: + description: |- + ScrapeInterval is the same as Interval and has priority over it. + one of scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: |- + SeriesLimit defines per-scrape limit on number of unique time series + a single target can expose during all the scrapes on the time window of 24h. + format: int64 + type: integer + targets: + description: Targets static targets addresses in form of ["192.122.55.55:9100","some-name:9100"]. + items: + type: string + minItems: 1 + type: array + tlsConfig: + description: TLSConfig configuration to use when scraping the + endpoint + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use + for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container + for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics specific + scrape parameters + properties: + disable_compression: + description: DisableCompression + type: boolean + disable_keep_alive: + description: |- + disable_keepalive allows disabling HTTP keep-alive when scraping targets. + By default, HTTP keep-alive is enabled, so TCP connections to scrape targets + could be reused. + See https://docs.victoriametrics.com/vmagent#scrape_config-enhancements + type: boolean + headers: + description: |- + Headers allows sending custom headers to scrape targets + must be in of semicolon separated header with it's value + eg: + headerName: headerValue + vmagent supports since 1.79.0 version + items: + type: string + type: array + no_stale_markers: + type: boolean + proxy_client_config: + description: |- + ProxyClientConfig configures proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: |- + Password defines reference for secret with password value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: |- + PasswordFile defines path to password file at disk + must be pre-mounted + type: string + username: + description: |- + Username defines reference for secret with username value + The secret needs to be in the same namespace as scrape object + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + x-kubernetes-preserve-unknown-fields: true + type: object + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + required: + - targets + type: object + type: array + required: + - targetEndpoints + type: object + status: + description: ScrapeObjectStatus defines the observed state of ScrapeObjects + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.18.0 + name: vmusers.operator.victoriametrics.com +spec: + group: operator.victoriametrics.com + names: + kind: VMUser + listKind: VMUserList + plural: vmusers + singular: vmuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.updateStatus + name: Status + type: string + - jsonPath: .status.reason + name: Sync Error + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: VMUser is the Schema for the vmusers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VMUserSpec defines the desired state of VMUser + properties: + bearerToken: + description: BearerToken Authorization header value for accessing + protected endpoint. + type: string + default_url: + description: |- + DefaultURLs backend url for non-matching paths filter + usually used for default backend with error message + items: + type: string + type: array + disable_secret_creation: + description: DisableSecretCreation skips related secret creation for + vmuser + type: boolean + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix backend + IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + dump_request_on_errors: + description: |- + DumpRequestOnErrors instructs vmauth to return detailed request params to the client + if routing rules don't allow to forward request to the backends. + Useful for debugging `src_hosts` and `src_headers` based routing rules + + available since v1.107.0 vmauth version + type: boolean + generatePassword: + description: |- + GeneratePassword instructs operator to generate password for user + if spec.password if empty. + type: boolean + headers: + description: |- + Headers represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + ip_filters: + description: |- + IPFilters defines per target src ip filters + supported only with enterprise version of [vmauth](https://docs.victoriametrics.com/vmauth/#ip-filters) + properties: + allow_list: + items: + type: string + type: array + deny_list: + items: + type: string + type: array + type: object + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + max_concurrent_requests: + description: |- + MaxConcurrentRequests defines max concurrent requests per user + 300 is default value for vmauth + type: integer + metric_labels: + additionalProperties: + type: string + description: MetricLabels - additional labels for metrics exported + by vmauth for given user. + type: object + name: + description: Name of the VMUser object. + type: string + password: + description: Password basic auth password for accessing protected + endpoint. + type: string + passwordRef: + description: PasswordRef allows fetching password from user-create + secret by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + e.g. [429,503] + items: + type: integer + type: array + targetRefs: + description: TargetRefs - reference to endpoints, which user may access. + items: + description: |- + TargetRef describes target for user traffic forwarding. + one of target types can be chosen: + crd or static per targetRef. + user can define multiple targetRefs with different ref Types. + properties: + crd: + description: |- + CRD describes exist operator's CRD object, + operator generates access url based on CRD params. + properties: + kind: + description: |- + Kind one of: + VMAgent,VMAlert, VMSingle, VMCluster/vmselect, VMCluster/vmstorage,VMCluster/vminsert or VMAlertManager + enum: + - VMAgent + - VMAlert + - VMSingle + - VLogs + - VMAlertManager + - VMAlertmanager + - VMCluster/vmselect + - VMCluster/vmstorage + - VMCluster/vminsert + type: string + name: + description: Name target CRD object name + type: string + namespace: + description: Namespace target CRD object namespace. + type: string + required: + - kind + - name + - namespace + type: object + discover_backend_ips: + description: DiscoverBackendIPs instructs discovering URLPrefix + backend IPs via DNS. + type: boolean + drop_src_path_prefix_parts: + description: |- + DropSrcPathPrefixParts is the number of `/`-delimited request path prefix parts to drop before proxying the request to backend. + See [here](https://docs.victoriametrics.com/vmauth#dropping-request-path-prefix) for more details. + type: integer + headers: + description: |- + RequestHeaders represent additional http headers, that vmauth uses + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.68.0 version of vmauth + items: + type: string + type: array + hosts: + items: + type: string + type: array + load_balancing_policy: + description: |- + LoadBalancingPolicy defines load balancing policy to use for backend urls. + Supported policies: least_loaded, first_available. + See [here](https://docs.victoriametrics.com/vmauth#load-balancing) for more details (default "least_loaded") + enum: + - least_loaded + - first_available + type: string + paths: + description: Paths - matched path to route. + items: + type: string + type: array + response_headers: + description: |- + ResponseHeaders represent additional http headers, that vmauth adds for request response + in form of ["header_key: header_value"] + multiple values for header key: + ["header_key: value1,value2"] + it's available since 1.93.0 version of vmauth + items: + type: string + type: array + retry_status_codes: + description: |- + RetryStatusCodes defines http status codes in numeric format for request retries + Can be defined per target or at VMUser.spec level + e.g. [429,503] + items: + type: integer + type: array + src_headers: + description: SrcHeaders is an optional list of headers, which + must match request headers. + items: + type: string + type: array + src_query_args: + description: SrcQueryArgs is an optional list of query args, + which must match request URL query args. + items: + type: string + type: array + static: + description: |- + Static - user defined url for traffic forward, + for instance http://vmsingle:8429 + properties: + url: + description: URL http url for given staticRef. + type: string + urls: + description: URLs allows setting multiple urls for load-balancing + at vmauth-side. + items: + type: string + type: array + type: object + target_path_suffix: + description: |- + TargetPathSuffix allows to add some suffix to the target path + It allows to hide tenant configuration from user with crd as ref. + it also may contain any url encoded params. + type: string + targetRefBasicAuth: + description: TargetRefBasicAuth allow an target endpoint to + authenticate over basic authentication + properties: + password: + description: |- + The secret in the service scrape namespace that contains the password + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + The secret in the service scrape namespace that contains the username + for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - password + - username + type: object + type: object + type: array + tlsConfig: + description: TLSConfig defines tls configuration for the backend connection + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container to use for the + targets. + type: string + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the container for + the targets. + type: string + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + tokenRef: + description: TokenRef allows fetching token from user-created secrets + by its name and key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: |- + UserName basic auth user name for accessing protected endpoint, + will be replaced with metadata.name of VMUser if omitted. + type: string + required: + - targetRefs + type: object + status: + description: VMUserStatus defines the observed state of VMUser + properties: + conditions: + description: 'Known .status.conditions.type are: "Available", "Progressing", + and "Degraded"' + items: + description: Condition defines status condition of the resource + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: |- + LastUpdateTime is the last time of given type update. + This value is used for status TTL update and removal + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of condition in CamelCase or in name.namespace.resource.victoriametrics.com/CamelCase. + maxLength: 316 + type: string + required: + - lastTransitionTime + - lastUpdateTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: |- + ObservedGeneration defines current generation picked by operator for the + reconcile + format: int64 + type: integer + reason: + description: Reason defines human readable error reason + type: string + updateStatus: + description: UpdateStatus defines a status for update rollout + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/NOTES.txt b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/NOTES.txt new file mode 100644 index 0000000..7fb3fbd --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/NOTES.txt @@ -0,0 +1,5 @@ +{{ include "vm.name" . }} has been installed. Check its status by running: + kubectl --namespace {{ include "vm.namespace" . }} get pods -l "app.kubernetes.io/instance={{ $.Release.Name }}" + +Get more information on https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-operator. +See "Getting started guide for VM Operator" on https://docs.victoriametrics.com/guides/getting-started-with-vm-operator diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/_helpers.tpl new file mode 100644 index 0000000..d121534 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/_helpers.tpl @@ -0,0 +1,48 @@ +{{- define "vm-operator.cleanup.annotations" -}} +"helm.sh/hook": pre-delete +"helm.sh/hook-weight": "{{ .hookWeight }}" +"helm.sh/hook-delete-policy": before-hook-creation +{{- end }} + +{{/* +Create unified annotations for vm-operator components +*/}} +{{- define "vm-operator.crds.annotations" -}} +{{- $Release :=(.helm).Release | default .Release -}} +helm.sh/resource-policy: keep +meta.helm.sh/release-namespace: {{ include "vm.namespace" . }} +meta.helm.sh/release-name: {{ $Release.Name }} +{{- end -}} + +{{/* +Generate certificates for webhook +*/}} +{{- define "vm-operator.certs" -}} +{{- $Values := (.helm).Values | default .Values }} +{{- $Release := (.helm).Release | default .Release }} +{{- $webhook := $Values.admissionWebhooks -}} +{{- $tls := $webhook.tls -}} +{{- $fullname := (include "vm.plain.fullname" .) -}} +{{- $secretName := (printf "%s-validation" $fullname) -}} +{{- $secret := lookup "v1" "Secret" (include "vm.namespace" .) $secretName -}} +{{- if (and $tls.caCert $tls.cert $tls.key) -}} +caCert: {{ $tls.caCert | b64enc }} +clientCert: {{ $tls.cert | b64enc }} +clientKey: {{ $tls.key | b64enc }} +{{- else if and $webhook.keepTLSSecret $secret -}} +caCert: {{ index $secret.data "ca.crt" }} +clientCert: {{ index $secret.data "tls.crt" }} +clientKey: {{ index $secret.data "tls.key" }} +{{- else -}} +{{- $altNames := default list -}} +{{- $namePrefix := (printf "%s.%s" $fullname (include "vm.namespace" .)) -}} +{{- $altNames = append $altNames $namePrefix -}} +{{- $altNames = append $altNames (printf "%s.svc" $namePrefix) -}} +{{- $altNames = append $altNames (printf "%s.svc.%s" $namePrefix $Values.global.cluster.dnsDomain) -}} +{{- $ca := genCA "vm-operator-ca" 3650 -}} +{{- $cert := genSignedCert $fullname nil $altNames 3650 $ca -}} +caCert: {{ $ca.Cert | b64enc }} +clientCert: {{ $cert.Cert | b64enc }} +clientKey: {{ $cert.Key | b64enc }} +{{- end -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/cleanup.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/cleanup.yaml new file mode 100644 index 0000000..d6f4c58 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/cleanup.yaml @@ -0,0 +1,51 @@ +{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +{{- $app := .Values.crds.cleanup }} +{{- if empty ($app.image).tag }} + {{- $tag := (printf "%s.%s" .Capabilities.KubeVersion.Major .Capabilities.KubeVersion.Minor) | replace "+" "" -}} + {{- $_ := set $app.image "tag" $tag }} +{{- else if not (kindIs "string" ($app.image).tag) }} + {{- fail "`crd.cleanup.image.tag` is not string, most probably you need to enquote provided value" -}} +{{- end }} +{{- $ctx := dict "helm" . "noEnterprise" true }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $fullname }}-cleanup-hook + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + annotations: {{ include "vm-operator.cleanup.annotations" (dict "hookWeight" "-3") | nindent 4 }} +spec: + template: + metadata: + name: {{ $fullname }} + labels: {{ include "vm.labels" $ctx | nindent 8 }} + spec: + serviceAccountName: {{ $fullname }}-cleanup-hook + {{- with (.Values.imagePullSecrets | default .Values.global.imagePullSecrets) }} + imagePullSecrets: {{ toYaml . | nindent 8 }} + {{- end }} + containers: + - name: kubectl + {{- $_ := set $ctx "appKey" (list "crds" "cleanup") }} + image: {{ include "vm.image" $ctx }} + imagePullPolicy: {{ $app.image.pullPolicy }} + resources: {{ toYaml $app.resources | nindent 12 }} + args: + - delete + - {{ (keys .Values.admissionWebhooks.enabledCRDValidation) | sortAlpha | join "," }} + - --all + - --ignore-not-found=true + restartPolicy: OnFailure + {{- with .Values.nodeSelector }} + nodeSelector: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: {{ toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crb.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crb.yaml new file mode 100644 index 0000000..7832707 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crb.yaml @@ -0,0 +1,41 @@ +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +{{- if .Values.rbac.create }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ $fullname }} + {{- $_ := set $ctx "extraLabels" .Values.extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +subjects: +- kind: ServiceAccount + name: {{ (.Values.serviceAccount).name | default $fullname }} + namespace: {{ $ns }} +roleRef: + kind: ClusterRole + name: {{ $fullname }} + apiGroup: rbac.authorization.k8s.io +{{- end -}} +{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ $fullname }}-cleanup-hook + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + annotations: {{ include "vm-operator.cleanup.annotations" (dict "hookWeight" "-4") | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ $fullname }}-cleanup-hook +subjects: +- kind: ServiceAccount + name: {{ $fullname }}-cleanup-hook + namespace: {{ $ns }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crd.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crd.yaml new file mode 100644 index 0000000..d5bf4b7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/crd.yaml @@ -0,0 +1,22 @@ +{{- /* do not update crds here, please update in /victoria-metrics-operator/crd.yaml */ -}} +{{- /* this is used to add "helm.sh/resource-policy: keep" annotation for each crd */ -}} +{{- /* see this pull request https://github.com/VictoriaMetrics/helm-charts/pull/771 for details */ -}} +{{- $ctx := dict "helm" . }} +{{- if and .Values.crds.plain (not .Values.crds.enabled) }} + {{- fail "When CRDs are disabled (`crds.enabled: false`) you need to disable plain CRD rendering (`crds.plain: false`)" -}} +{{- end -}} +{{- if and (not .Values.crds.plain) .Values.crds.enabled }} + {{- $files := .Files }} + {{- $crds := $files.Get "crd.yaml" | splitList "---" }} + {{- $labels := (include "vm.labels" $ctx) | fromYaml -}} + {{- $annotations := mergeOverwrite ((include "vm-operator.crds.annotations" .) | fromYaml) .Values.crds.annotations -}} + {{- $extra := dict "metadata" (dict "annotations" $annotations "labels" $labels) -}} + {{- range $crds }} + {{- $crd := merge (fromYaml .) $extra }} + {{- range $attrKey, $attrValue := $crd }} + {{- $attrKey }}: {{ toJson $attrValue }} + {{- printf "\n" -}} + {{ end }} + {{- print "\n---\n" }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/extra-objects.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/extra-objects.yaml new file mode 100644 index 0000000..f44224d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/extra-objects.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (ternary . (toYaml .) (typeIs "string" .)) $ }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/monitor.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/monitor.yaml new file mode 100644 index 0000000..0abcded --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/monitor.yaml @@ -0,0 +1,48 @@ +{{- $monitor := .Values.serviceMonitor }} +{{- if $monitor.enabled -}} +{{- $annotations := mustMerge $monitor.annotations .Values.annotations -}} +{{- $labels := mustMerge $monitor.extraLabels .Values.extraLabels -}} +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: {{ ternary "operator.victoriametrics.com/v1beta1" "monitoring.coreos.com/v1" $monitor.vm }} +kind: {{ ternary "VMServiceScrape" "ServiceMonitor" $monitor.vm }} +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" $labels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} + {{- with $annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: {{ include "vm.selectorLabels" $ctx | nindent 6 }} + endpoints: + - port: http + {{- with $monitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with $monitor.interval }} + interval: {{ . }} + {{- end }} + {{- with $monitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- with $monitor.tlsConfig }} + tlsConfig: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $monitor.relabelings }} + {{ ternary "relabelConfigs" "relabelings" $monitor.vm }}: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $monitor.basicAuth }} + basicAuth: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with $monitor.proxyURL }} + {{ ternary "proxyURL" "proxyUrl" $monitor.vm }}: {{ . }} + {{- end }} + namespaceSelector: + matchNames: + - {{ $ns }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/pdb.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/pdb.yaml new file mode 100644 index 0000000..8abd9de --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/pdb.yaml @@ -0,0 +1,23 @@ +{{- $pdb := .Values.podDisruptionBudget }} +{{- if $pdb.enabled }} +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" $pdb.labels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: + {{- with $pdb.minAvailable }} + minAvailable: {{ . }} + {{- end }} + {{- with $pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- end }} + selector: + matchLabels: {{ include "vm.selectorLabels" $ctx | nindent 6 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/rb.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/rb.yaml new file mode 100644 index 0000000..d31ecae --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/rb.yaml @@ -0,0 +1,24 @@ +{{- if .Values.rbac.create -}} +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" .Values.extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +subjects: +- kind: ServiceAccount + name: {{ (.Values.serviceAccount).name | default $fullname }} + namespace: {{ $ns }} +roleRef: + kind: Role + name: {{ $fullname }} + apiGroup: rbac.authorization.k8s.io +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/role.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/role.yaml new file mode 100644 index 0000000..cb65897 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/role.yaml @@ -0,0 +1,218 @@ +{{- $rules := default dict }} +{{- $fileContentsList := .Files.Get "crd.yaml" | splitList "---" }} +{{- $groups := dict }} +{{- range $fileContentsList }} + {{- $fileContents := . | fromYaml }} + {{- $group := $fileContents.spec.group }} + {{- $plural:= $fileContents.spec.names.plural }} + {{- $resources := get $groups $group | default (list) }} + {{- $resources = concat $resources (list $plural (printf "%s/finalizers" $plural) (printf "%s/status" $plural)) }} + {{- $groups = set $groups $group $resources }} +{{- end }} + +{{- $verbs := dict "admin" (list "*") "view" (list "get" "list" "watch") }} +{{- range $group, $resources := $groups }} + {{- range $name, $v := $verbs }} + {{- $r := index $rules $name | default list -}} + {{- $r = append $r (dict "apiGroups" (list $group) "resources" $resources "verbs" $v) -}} + {{- $_ := set $rules $name $r }} + {{- end }} +{{- end -}} + +{{- $ctx := dict "helm" . "extraLabels" .Values.extraLabels }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} + +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ $fullname }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + namespace: {{ $ns }} +rules: +- apiGroups: + - coordination.k8s.io + verbs: + - create + - get + - update + resources: + - leases + +{{- $watchNamespaces := (fromYaml (tpl (toYaml (dict "ns" .Values.watchNamespaces)) .)).ns }} +{{- $selfNamespace := $ns }} +{{- $watchSelfNamespace := (and (eq (len $watchNamespaces) 1) (eq (first $watchNamespaces) $selfNamespace)) }} +{{- if not $watchSelfNamespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $fullname }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +rules: +- nonResourceURLs: {{ toYaml .Values.allowedMetricsEndpoints | nindent 2 }} + verbs: + - get + - watch + - list +{{- end }} +- apiGroups: + - "" + resources: + - configmaps + - configmaps/finalizers + - endpoints + - events + - persistentvolumeclaims + - persistentvolumeclaims/finalizers + - pods + - secrets + - secrets/finalizers + - services + - services/finalizers + - serviceaccounts + - serviceaccounts/finalizers + verbs: + - "*" +- apiGroups: + - "" + resources: + - configmaps/status + - nodes + - nodes/proxy + - nodes/metrics + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - daemonsets + - daemonsets/finalizers + - deployments + - deployments/finalizers + - replicasets + - statefulsets + - statefulsets/finalizers + - statefulsets/status + verbs: + - "*" +- apiGroups: + - monitoring.coreos.com + resources: + - "*" + verbs: + - "*" +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterrolebindings/finalizers + - clusterroles + - clusterroles/finalizers + - roles + - rolebindings + verbs: + - "*" +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - list + - get + - watch +- apiGroups: + - policy + resources: + - poddisruptionbudgets + - poddisruptionbudgets/finalizers + verbs: + - "*" +- apiGroups: + - route.openshift.io + - image.openshift.io + resources: + - routers/metrics + - registry/metrics + verbs: + - get +- apiGroups: + - autoscaling + verbs: + - "*" + resources: + - horizontalpodautoscalers +- apiGroups: + - networking.k8s.io + resources: + - ingresses + - ingresses/finalizers + verbs: + - "*" +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +{{- with $rules.admin }} +{{ toYaml . }} +{{- end }} +{{- end }} +{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $fullname }}-cleanup-hook + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + annotations: {{ include "vm-operator.cleanup.annotations" (dict "hookWeight" "-5") | nindent 4 }} +rules: {{ toYaml $rules.admin | nindent 2 }} +{{- end }} + +{{- if .Values.rbac.aggregatedClusterRoles.enabled }} +{{- /* This template generates readonly and admin cluster roles for */ -}} +{{- /* each CRD present in the helm chart. The clusterroles use the */ -}} +{{- /* kubernetes clusterrole aggregation feature to include these */ -}} +{{- /* cluster roles into the default view and admin roles */ -}} +{{- /* See https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles */}} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $fullname }}-victoriametrics-admin + labels: + {{- include "vm.labels" $ctx | nindent 4 }} + {{- .Values.rbac.aggregatedClusterRoles.labels.admin | toYaml | nindent 4 }} +rules: {{ toYaml ($rules.admin | default list) | nindent 2 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $fullname }}-victoriametrics-view + labels: + {{- include "vm.labels" $ctx | nindent 4 }} + {{- .Values.rbac.aggregatedClusterRoles.labels.view | toYaml | nindent 4 }} +rules: {{ toYaml ($rules.view | default list) | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/server.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/server.yaml new file mode 100644 index 0000000..40d28a6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/server.yaml @@ -0,0 +1,175 @@ +{{- $ctx := dict "helm" . "noEnterprise" true }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" .Values.extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{.Values.replicaCount }} + selector: + matchLabels: {{ include "vm.selectorLabels" $ctx | nindent 6 }} + template: + metadata: + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + {{- $_ := set $ctx "extraLabels" .Values.podLabels }} + labels: {{ include "vm.podLabels" $ctx | nindent 8 }} + {{- $_ := unset $ctx "extraLabels" }} + spec: + automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} + {{- if .Values.podSecurityContext.enabled }} + securityContext: {{ include "vm.securityContext" (dict "securityContext" .Values.podSecurityContext "helm" .) | nindent 8 }} + {{- end }} + {{- if .Values.hostNetwork }} + hostNetwork: true + {{- end }} + {{- if or (.Values.serviceAccount).name (.Values.serviceAccount).create }} + serviceAccountName: {{ (.Values.serviceAccount).name | default $fullname }} + {{- end }} + {{- with (.Values.imagePullSecrets | default .Values.global.imagePullSecrets) }} + imagePullSecrets: {{ toYaml . | nindent 8 }} + {{- end }} + containers: + - name: operator + image: {{ include "vm.image" $ctx }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.envFrom }} + envFrom: {{ toYaml . | nindent 12 }} + {{- end }} + env: + {{- range .Values.env }} + - name: {{ .name }} + value: {{ .value | quote }} + {{- end }} + {{- if .Values.watchNamespaces }} + - name: WATCH_NAMESPACE + value: {{ (tpl (.Values.watchNamespaces | join ",") .) | quote }} + {{- end }} + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: {{ .Chart.Name }} + {{- if .Values.operator.useCustomConfigReloader }} + - name: VM_USECUSTOMCONFIGRELOADER + value: "true" + {{- end }} + {{- with (((.Values).global).image).registry }} + - name: VM_CONTAINERREGISTRY + value: {{ quote . }} + {{- end -}} + {{- if .Values.operator.disable_prometheus_converter }} + - name: VM_ENABLEDPROMETHEUSCONVERTER_PODMONITOR + value: "false" + - name: VM_ENABLEDPROMETHEUSCONVERTER_SERVICESCRAPE + value: "false" + - name: VM_ENABLEDPROMETHEUSCONVERTER_PROMETHEUSRULE + value: "false" + - name: VM_ENABLEDPROMETHEUSCONVERTER_PROBE + value: "false" + - name: VM_ENABLEDPROMETHEUSCONVERTER_ALERTMANAGERCONFIG + value: "false" + {{- else if .Values.operator.prometheus_converter_add_argocd_ignore_annotations }} + - name: VM_PROMETHEUSCONVERTERADDARGOCDIGNOREANNOTATIONS + value: "true" + {{- end }} + - name: VM_ENABLEDPROMETHEUSCONVERTEROWNERREFERENCES + value: {{ .Values.operator.enable_converter_ownership | quote}} + args: + - --zap-log-level={{ .Values.logLevel }} + - --leader-elect + - --health-probe-bind-address=:8081 + {{- if .Values.admissionWebhooks.enabled }} + - --webhook.enable=true + {{- end }} + {{- range $key, $value := .Values.extraArgs }} + {{- if kindIs "slice" $value }} + {{- range $v := $value }} + - --{{ $key }}={{ $v }} + {{- end }} + {{- else }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- end }} + ports: + - name: http + containerPort: {{ include "vm.port.from.flag" (dict "flag" (index .Values.extraArgs "metrics-bind-address") "default" "8080") }} + protocol: TCP + - name: probe + containerPort: {{ include "vm.port.from.flag" (dict "flag" (index .Values.extraArgs "health-probe-bind-address") "default" "8081") }} + protocol: TCP + - name: webhook + containerPort: {{ include "vm.port.from.flag" (dict "flag" (index .Values.extraArgs "webhook.port") "default" "9443") }} + protocol: TCP + {{- with (fromYaml (include "vm.probe" (dict "app" .Values "type" "readiness"))) }} + readinessProbe: {{ toYaml . | nindent 12 }} + {{- end }} + {{- with (fromYaml (include "vm.probe" (dict "app" .Values "type" "liveness"))) }} + livenessProbe: {{ toYaml . | nindent 12 }} + {{- end }} + {{- with (fromYaml (include "vm.probe" (dict "app" .Values "type" "startup"))) }} + startupProbe: {{ toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.admissionWebhooks.enabled }} + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + resources: {{ toYaml .Values.resources | nindent 12 }} + {{- if .Values.securityContext.enabled }} + securityContext: {{ include "vm.securityContext" (dict "securityContext" .Values.securityContext "helm" .) | nindent 12 }} + {{- end }} + {{- with.Values.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- with .Values.lifecycle }} + lifecycle: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: {{ toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := .Values.topologySpreadConstraints }} + - {{ toYaml $constraint | nindent 10 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: {{ include "vm.selectorLabels" $ctx | nindent 14 }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: {{ toYaml . | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.admissionWebhooks.enabled }} + - name: cert + secret: + defaultMode: 420 + secretName: {{ $fullname }}-validation + {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml .| nindent 8 }} + {{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/service.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/service.yaml new file mode 100644 index 0000000..842d444 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/service.yaml @@ -0,0 +1,50 @@ +{{- $service := .Values.service }} +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: v1 +kind: Service +metadata: + namespace: {{ $ns }} + {{- with $service.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + {{- $_ := set $ctx "extraLabels" .Values.extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} + name: {{ $fullname }} +spec: + {{- with $service.clusterIP }} + clusterIP: {{ . }} + {{- end }} + {{- with $service.externalIPs }} + externalIPs: {{ toYaml . | nindent 4 }} + {{- end }} + {{- with $service.loadBalancerIP }} + loadBalancerIP: {{ . }} + {{- end }} + {{- with $service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml . | nindent 4 }} + {{- end }} + type: {{ $service.type }} + {{- with $service.healthCheckNodePort }} + healthCheckNodePort: {{ . }} + {{- end }} + {{- with $service.externalTrafficPolicy }} + externalTrafficPolicy: {{ . }} + {{- end }} + {{- with $service.ipFamilyPolicy }} + ipFamilyPolicy: {{ . }} + {{- end }} + {{- with $service.ipFamilies }} + ipFamilies: {{ toYaml . | nindent 4 }} + {{- end }} + ports: + - name: http + port: {{ $service.servicePort }} + targetPort: http + protocol: TCP + - name: webhook + port: {{ $service.webhookPort }} + targetPort: webhook + selector: {{ include "vm.selectorLabels" $ctx | nindent 4 }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/serviceaccount.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/serviceaccount.yaml new file mode 100644 index 0000000..59d26fb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/serviceaccount.yaml @@ -0,0 +1,27 @@ +{{- $ctx := dict "helm" . }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +{{- $sa := .Values.serviceAccount }} +{{- if $sa.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ $sa.name | default $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" .Values.extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with .Values.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end }} +{{- if and .Values.crds.enabled .Values.crds.cleanup.enabled }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ $fullname }}-cleanup-hook + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + annotations: {{ include "vm-operator.cleanup.annotations" (dict "hookWeight" "-5") | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/webhook.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/webhook.yaml new file mode 100644 index 0000000..0718d37 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/templates/webhook.yaml @@ -0,0 +1,144 @@ +{{- if .Values.admissionWebhooks.enabled }} +{{- $ctx := dict "helm" . "extraLabels" .Values.extraLabels }} +{{- $tls := fromYaml (include "vm-operator.certs" $ctx) }} +{{- $fullname := include "vm.plain.fullname" $ctx }} +{{- $domain := ((.Values.global).cluster).dnsDomain }} +{{- $ns := include "vm.namespace" $ctx }} +{{- $certManager := .Values.admissionWebhooks.certManager }} +{{- $files := .Files }} +{{- $crds := $files.Get "crd.yaml" | splitList "---" }} +{{- $enabledHooks := .Values.admissionWebhooks.enabledCRDValidation }} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ $fullname }}-admission + {{- if $certManager.enabled }} + annotations: + certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-validation" $ns $fullname | quote }} + cert-manager.io/inject-ca-from: {{ printf "%s/%s-validation" $ns $fullname | quote }} + {{- end }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +webhooks: +{{- range $crds }} +{{- $crd := fromYaml . }} +{{- $name := $crd.spec.names.singular }} +{{- if index $enabledHooks $name }} +{{- range $version := $crd.spec.versions }} + - clientConfig: + service: + namespace: {{ $ns }} + name: {{ $fullname }} + path: /validate-operator-victoriametrics-com-{{ $version.name }}-{{ $crd.spec.names.singular }} + port: {{ $.Values.service.webhookPort }} + {{- if not $certManager.enabled }} + caBundle: {{ $tls.caCert }} + {{- end }} + failurePolicy: {{ $.Values.admissionWebhooks.policy }} + name: '{{ $crd.metadata.name }}' + admissionReviewVersions: + - {{ $version.name }} + sideEffects: None + objectSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: NotIn + values: [{{ include "vm.name" $ }}] + rules: + - apiGroups: + - operator.victoriametrics.com + apiVersions: + - {{ $version.name }} + operations: + - CREATE + - UPDATE + resources: + - {{ $crd.spec.names.plural }} +{{- end }} +{{- end }} +{{- end }} +{{- if $certManager.enabled }} +{{- if not $certManager.issuer }} +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ $fullname }}-root + namespace: {{ $ns }} +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $fullname }}-root-ca + namespace: {{ $ns }} +spec: + secretName: {{ $fullname }}-root-ca + duration: {{ $certManager.ca.duration }} + {{- with $certManager.ca.secretTemplate }} + secretTemplate: {{ toYaml . | nindent 4 }} + {{- end }} + {{- with $certManager.ca.subject }} + subject: {{ toYaml . | nindent 4 }} + {{- end }} + issuerRef: + name: {{ $fullname }}-root + commonName: {{ $certManager.ca.commonName }} + isCA: true +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ $fullname }}-issuer + namespace: {{ $ns }} +spec: + ca: + secretName: {{ $fullname }}-root-ca +{{- end }} +--- +# actual cert part for operator +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $fullname }}-validation + namespace: {{ $ns }} +spec: + secretName: {{ $fullname }}-validation + duration: {{ $certManager.cert.duration }} + {{- with $certManager.cert.secretTemplate }} + secretTemplate: {{ toYaml . | nindent 4 }} + {{- end }} + {{- with $certManager.cert.commonName }} + commonName: {{ . }} + {{- end }} + {{- with $certManager.cert.subject }} + subject: {{ toYaml . | nindent 4 }} + {{- end }} + {{- $issuerRef := $certManager.issuer | default dict }} + {{- if empty $issuerRef }} + {{- $_ := set $issuerRef "name" (printf "%s-issuer" $fullname) }} + {{- end }} + issuerRef: {{ toYaml $issuerRef | nindent 4 }} + dnsNames: + - {{ $fullname }} + - {{ $fullname }}.{{ $ns }} + - {{ $fullname }}.{{ $ns }}.svc + {{- with $domain }} + - {{ $fullname }}.{{ $ns }}.svc.{{ . }} + {{- end }} +{{- else }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $fullname }}-validation + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +type: kubernetes.io/tls +data: + ca.crt: {{ $tls.caCert }} + tls.crt: {{ $tls.clientCert }} + tls.key: {{ $tls.clientKey }} +{{- end -}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/values.yaml b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/values.yaml new file mode 100644 index 0000000..a8d5620 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/charts/victoria-metrics-operator/values.yaml @@ -0,0 +1,337 @@ +global: + # -- Image pull secrets, that can be shared across multiple helm charts + imagePullSecrets: [] + image: + # -- Image registry, that can be shared across multiple helm charts + registry: "" + # -- Openshift security context compatibility configuration + compatibility: + openshift: + adaptSecurityContext: "auto" + cluster: + # -- K8s cluster domain suffix, uses for building storage pods' FQDN. Details are [here](https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/) + dnsDomain: cluster.local. +# Default values for victoria-metrics. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +# -- operator image configuration +image: + # -- Image registry + registry: "" + # -- Image repository + repository: victoriametrics/operator + # -- Image tag + # override Chart.AppVersion + tag: "" + # Variant of the image to use. + # e.g. scratch + variant: "" + # -- Image pull policy + pullPolicy: IfNotPresent + +crds: + # -- manages CRD creation. Disables CRD creation only in combination with `crds.plain: false` due to helm dependency conditions limitation + enabled: true + # -- check if plain or templated CRDs should be created. + # with this option set to `false`, all CRDs will be rendered from templates. + # with this option set to `true`, all CRDs are immutable and require manual upgrade. + plain: false + # -- additional CRD annotations, when `.Values.crds.plain: false` + annotations: {} + cleanup: + # -- Tells helm to clean up all the vm resources under this release's namespace when uninstalling + enabled: false + # -- Image configuration for CRD cleanup Job + image: + repository: bitnami/kubectl + # use image tag that matches k8s API version by default + tag: "" + pullPolicy: IfNotPresent + # -- Cleanup hook resources + resources: + limits: + cpu: "500m" + memory: "256Mi" + requests: + cpu: "100m" + memory: "56Mi" + +# -- Number of operator replicas +replicaCount: 1 + +# -- Secret to pull images +imagePullSecrets: [] + +# -- Override chart name +nameOverride: "" + +# -- Overrides the full name of server component resources +fullnameOverride: "" + +# -- VM operator log level. Possible values: info and error. +logLevel: "info" + +allowedMetricsEndpoints: + - /metrics + - /metrics/resources + +rbac: + # -- Specifies whether the RBAC resources should be created + create: true + # -- Create aggregated clusterRoles for CRD readonly and admin permissions + aggregatedClusterRoles: + enabled: true + # -- Labels attached to according clusterRole + labels: + view: + rbac.authorization.k8s.io/aggregate-to-view: "true" + admin: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + +# -- Labels to be added to the all resources +extraLabels: {} +# -- extra Labels for Pods only +podLabels: {} +# -- Annotations to be added to the all resources +annotations: {} + +# -- Pod's security context. Details are [here](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) +podSecurityContext: + enabled: true + fsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + +# -- Security context to be added to server pods +securityContext: + enabled: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + +operator: + # -- By default, operator converts prometheus-operator objects. + disable_prometheus_converter: false + # -- Compare-options and sync-options for prometheus objects converted by operator for properly use with ArgoCD + prometheus_converter_add_argocd_ignore_annotations: false + # -- Enables ownership reference for converted prometheus-operator objects, + # it will remove corresponding victoria-metrics objects in case of deletion prometheus one. + enable_converter_ownership: false + # -- Enables custom config-reloader, bundled with operator. + # It should reduce vmagent and vmauth config sync-time and make it predictable. + useCustomConfigReloader: false + +# -- By default, the operator will watch all the namespaces +# If you want to override this behavior, specify the namespace. +# Operator supports multiple namespaces for watching. +watchNamespaces: [] + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template + name: "" + + # -- Whether to automount the service account token. Note that token needs to be mounted manually if this is disabled. + automountServiceAccountToken: true + +service: + # -- Service annotations + annotations: {} + # -- Service labels + labels: {} + # -- Service ClusterIP + clusterIP: "" + # -- Service external IPs. Check [here](https://kubernetes.io/docs/concepts/services-networking/service/#external-ips) for details + externalIPs: "" + # -- Service load balancer IP + loadBalancerIP: "" + # -- Load balancer source range + loadBalancerSourceRanges: [] + # -- Service type + type: ClusterIP + # -- Health check node port for a service. Check [here](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) for details + healthCheckNodePort: "" + # -- Service external traffic policy. Check [here](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip) for details + externalTrafficPolicy: "" + # -- Service IP family policy. Check [here](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) for details. + ipFamilyPolicy: "" + # -- List of service IP families. Check [here](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) for details. + ipFamilies: [] + # -- Service port + servicePort: 8080 + # -- Service webhook port + webhookPort: 9443 + +# -- See `kubectl explain poddisruptionbudget.spec` for more or check [these docs](https://kubernetes.io/docs/tasks/run-application/configure-pdb/) +podDisruptionBudget: + enabled: false + # minAvailable: 1 + # maxUnavailable: 1 + labels: {} + +# -- Graceful pod termination timeout. See [this article](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution) for details. +terminationGracePeriodSeconds: 30 + +# -- Operator lifecycle. See [this article](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/) for details. +lifecycle: {} + +# -- Resource object +resources: + {} + # limits: + # cpu: 120m + # memory: 320Mi + # requests: + # cpu: 80m + # memory: 120Mi + +# -- Pod's node selector. Details are [here](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) +nodeSelector: {} + +# -- Name of Priority Class +priorityClassName: "" + +# -- Array of tolerations object. Spec is [here](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) +tolerations: [] + +# -- Pod affinity +affinity: {} + +# -- Pod Topology Spread Constraints. Spec is [here](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/) +topologySpreadConstraints: [] + +# -- Operator container additional commandline arguments +extraArgs: {} + +# -- Extra settings for the operator deployment. Full list [here](https://docs.victoriametrics.com/operator/configuration/#environment-variables) +env: + [] + # - name: VM_VMSINGLEDEFAULT_VERSION + # value: v1.43.0 + +# -- Specify alternative source for env variables +envFrom: + [] + #- configMapRef: + # name: special-config + +# -- Additional hostPath mounts +extraHostPathMounts: + [] + # - name: certs-dir + # mountPath: /etc/kubernetes/certs + # subPath: "" + # hostPath: /etc/kubernetes/certs +# readOnly: true + +# -- Extra Volumes for the pod +extraVolumes: + [] + # - name: example + # configMap: + # name: example + +# -- Extra Volume Mounts for the container +extraVolumeMounts: + [] + # - name: example + # mountPath: /example + +# -- Extra containers to run in a pod with operator +extraContainers: + [] + # - name: config-reloader + # image: reloader-image + +# -- Enable hostNetwork on operator deployment +hostNetwork: false + +# -- Configures resource validation +admissionWebhooks: + # -- Enables validation webhook. + enabled: true + enabledCRDValidation: + vmagent: true + vmalert: true + vmanomaly: true + vmsingle: true + vmauth: true + vmrule: true + vmalertmanagerconfig: true + vmalertmanager: true + vmcluster: true + vmuser: true + vlogs: true + vlsingle: true + vlcluster: true + vmservicescrape: true + vmpodscrape: true + vmnodescrape: true + vmprobe: true + vmstaticscrape: true + # -- What to do in case, when operator not available to validate request. + policy: Fail + # -- Enables custom ca bundle, if you are not using cert-manager. In case of custom ca, you have to create secret - {chart-name}-validation with keys: tls.key, tls.crt, ca.crt + certManager: + # -- Enables cert creation and injection by cert-manager. + enabled: false + # --If needed, provide own issuer. Operator will create self-signed if empty. + issuer: {} + # -- Certificate Authority parameters + ca: + secretTemplate: {} + subject: {} + duration: 63800h0m0s + commonName: ca.validation.victoriametrics + # -- Certificate parameters + cert: + secretTemplate: {} + subject: {} + duration: 45800h0m0s + commonName: "" + keepTLSSecret: true + # tls specifies TLS cert/key for the webhook + tls: + caCert: + cert: + key: + +# -- Configures monitoring with serviceScrape using either `VMServiceScrape` or `ServiceMonitor`. For latter [Prometheus Operator CRDs](https://artifacthub.io/packages/helm/prometheus-community/prometheus-operator-crds) should be preinstalled +serviceMonitor: + enabled: false + # -- Creates `VMServiceScrape` if `true` and `ServiceMonitor` otherwise. Make sure [Prometheus Operator CRDs](https://artifacthub.io/packages/helm/prometheus-community/prometheus-operator-crds) are installed if it's set to `false` + vm: true + extraLabels: {} + annotations: {} + relabelings: [] + scheme: "" + interval: "" + scrapeTimeout: "" + tlsConfig: {} + basicAuth: {} + +probe: + # -- Readiness probe + readiness: + httpGet: + port: probe + initialDelaySeconds: 5 + periodSeconds: 15 + timeoutSeconds: 5 + failureThreshold: 3 + # -- Liveness probe + liveness: + tcpSocket: + port: probe + initialDelaySeconds: 5 + periodSeconds: 15 + timeoutSeconds: 5 + failureThreshold: 3 + # -- Startup probe + startup: {} + +# -- Add extra specs dynamically to this chart +extraObjects: [] diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/alertmanager-overview.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/alertmanager-overview.yaml new file mode 100644 index 0000000..13d6af5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/alertmanager-overview.yaml @@ -0,0 +1,264 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ ($Values.alertmanager).enabled }} +editable: false +graphTooltip: 1 +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 1 + panels: [] + title: Alerts + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $datasource + description: current set of alerts stored in the Alertmanager + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + stacking: + mode: normal + unit: none + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 1 + id: 2 + options: + legend: + showLegend: false + tooltip: + mode: multi + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(alertmanager_alerts{namespace=~"$namespace",service=~"$service"}) by (namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Alerts + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $datasource + description: rate of successful and invalid alerts received by the Alertmanager + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + stacking: + mode: normal + unit: ops + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 1 + id: 3 + options: + legend: + showLegend: false + tooltip: + mode: multi + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(alertmanager_alerts_received_total{namespace=~"$namespace",service=~"$service"}[$__rate_interval])) by (namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Received' + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(alertmanager_alerts_invalid_total{namespace=~"$namespace",service=~"$service"}[$__rate_interval])) by (namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Invalid' + title: Alerts receive rate + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 8 + id: 4 + panels: [] + title: Notifications + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $datasource + description: rate of successful and invalid notifications sent by the Alertmanager + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + stacking: + mode: normal + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 9 + id: 5 + options: + legend: + showLegend: false + tooltip: + mode: multi + pluginVersion: v11.4.0 + repeat: integration + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(alertmanager_notifications_total{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (integration,namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Total' + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(alertmanager_notifications_failed_total{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (integration,namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Failed' + title: '$integration: Notifications Send Rate' + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $datasource + description: latency of notifications sent by the Alertmanager + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + stacking: + mode: normal + unit: s + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 9 + id: 6 + options: + legend: + showLegend: false + tooltip: + mode: multi + pluginVersion: v11.4.0 + repeat: integration + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: |- + histogram_quantile(0.99, + sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (le,namespace,service,instance) + ) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} 99th Percentile' + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: |- + histogram_quantile(0.50, + sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (le,namespace,service,instance) + ) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Median' + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: |- + sum(rate(alertmanager_notification_latency_seconds_sum{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (namespace,service,instance) + / + sum(rate(alertmanager_notification_latency_seconds_count{namespace=~"$namespace",service=~"$service", integration="$integration"}[$__rate_interval])) by (namespace,service,instance) + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} Average' + title: '$integration: Notification Duration' + type: timeseries +schemaVersion: 39 +tags: +- alertmanager-mixin +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: Prometheus + value: Prometheus + hide: 0 + label: Data Source + name: datasource + query: {{ $defaultDatasource }} + type: datasource + - current: + selected: false + text: '' + value: '' + datasource: + type: prometheus + uid: ${datasource} + includeAll: false + label: namespace + name: namespace + query: label_values(alertmanager_alerts, namespace) + refresh: 2 + sort: 1 + type: query + - current: + selected: false + text: '' + value: '' + datasource: + type: prometheus + uid: ${datasource} + includeAll: false + label: service + name: service + query: label_values(alertmanager_alerts, service) + refresh: 2 + sort: 1 + type: query + - current: + selected: false + text: $__all + value: $__all + datasource: + type: prometheus + uid: ${datasource} + hide: 2 + includeAll: true + name: integration + query: label_values(alertmanager_notifications_total{integration=~".*"}, integration) + refresh: 2 + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: + refresh_intervals: + - 30s +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Alertmanager / Overview +uid: alertmanager-overview diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/controller-manager.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/controller-manager.yaml new file mode 100644 index 0000000..65a170c --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/controller-manager.yaml @@ -0,0 +1,426 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ ($Values.kubeControllerManager).enabled }} +editable: false +links: +- asDropdown: true + includeVars: true + keepTime: true + tags: + - kubernetes-mixin + targetBlank: false + title: Kubernetes + type: dashboards +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 0 + 'y': 0 + id: 1 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(up{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager"}) + instant: true + title: Up + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 20 + x: 4 + 'y': 0 + id: 2 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(workqueue_adds_total{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager", instance=~"$instance"}[$__rate_interval])) by (cluster, instance, name) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}' + title: Work Queue Add Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 7 + id: 3 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(workqueue_depth{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager", instance=~"$instance"}[$__rate_interval])) by (cluster, instance, name) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}' + title: Work Queue Depth + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 14 + id: 4 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager", instance=~"$instance"}[$__rate_interval])) by (cluster, instance, name, le)) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}' + title: Work Queue Latency + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 21 + id: 5 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{job="kube-controller-manager", instance=~"$instance",code=~"2.."}[$__rate_interval])) + legendFormat: 2xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{job="kube-controller-manager", instance=~"$instance",code=~"3.."}[$__rate_interval])) + legendFormat: 3xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{job="kube-controller-manager", instance=~"$instance",code=~"4.."}[$__rate_interval])) + legendFormat: 4xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{job="kube-controller-manager", instance=~"$instance",code=~"5.."}[$__rate_interval])) + legendFormat: 5xx + title: Kube API Request Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 16 + x: 8 + 'y': 21 + id: 6 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager", instance=~"$instance", verb="POST"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Post Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 28 + id: 7 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager", instance=~"$instance", verb="GET"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Get Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: bytes + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 35 + id: 8 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_resident_memory_bytes{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Memory + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 35 + id: 9 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: rate(process_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager",instance=~"$instance"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: CPU usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 35 + id: 10 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: go_goroutines{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Goroutines + type: timeseries +refresh: 10s +schemaVersion: 39 +tags: +- kubernetes-mixin +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: default + value: default + hide: 0 + label: Data source + name: datasource + query: {{ $defaultDatasource }} + regex: '' + type: datasource + - datasource: + type: prometheus + uid: ${datasource} + hide: {{ ternary 0 2 $multicluster }} + label: cluster + name: cluster + query: {{ ternary (b64dec "ImxhYmVsX3ZhbHVlcyh1cHtqb2I9XCJrdWJlLWNvbnRyb2xsZXItbWFuYWdlclwifSwgY2x1c3Rlciki" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 2 + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - datasource: + type: prometheus + uid: ${datasource} + hide: 0 + includeAll: true + label: instance + name: instance + query: label_values(up{ {{ $clusterLabel }}=~"$cluster", job="kube-controller-manager"}, instance) + refresh: 2 + sort: 1 + type: query +time: + from: now-1h + to: now +timezone: {{ default "UTC" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Controller Manager +uid: 72e0e05bef5099e5f049b05fdc429ed4 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/etcd.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/etcd.yaml new file mode 100644 index 0000000..1a3ef10 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/etcd.yaml @@ -0,0 +1,388 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ ($Values.kubeEtcd).enabled }} +description: etcd sample Grafana dashboard with Prometheus +editable: false +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + gridPos: + h: 7 + w: 6 + x: 0 + 'y': 0 + id: 1 + interval: 1m + options: + colorMode: none + graphMode: none + reduceOptions: + calcs: + - lastNotNull + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(etcd_server_has_leader{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}) + legendFormat: '{{`{{`}}cluster{{`}}`}} - {{`{{`}}namespace{{`}}`}} + + ' + title: Up + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: ops + gridPos: + h: 7 + w: 10 + x: 6 + 'y': 0 + id: 2 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(grpc_server_started_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster",grpc_type="unary"}[$__rate_interval])) + legendFormat: RPC rate + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(grpc_server_handled_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster",grpc_type="unary",grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[$__rate_interval])) + legendFormat: RPC failed rate + title: RPC rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 0 + id: 3 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(grpc_server_started_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster",grpc_service="etcdserverpb.Watch",grpc_type="bidi_stream"}) - sum(grpc_server_handled_total{ {{ $clusterLabel }}=~"$cluster",grpc_service="etcdserverpb.Watch",grpc_type="bidi_stream"}) + legendFormat: Watch streams + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(grpc_server_started_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster",grpc_service="etcdserverpb.Lease",grpc_type="bidi_stream"}) - sum(grpc_server_handled_total{ {{ $clusterLabel }}=~"$cluster",grpc_service="etcdserverpb.Lease",grpc_type="bidi_stream"}) + legendFormat: Lease streams + title: Active streams + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: bytes + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 25 + id: 4 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"} + legendFormat: '{{`{{`}}instance{{`}}`}} DB size' + title: DB size + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: s + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 25 + id: 5 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} WAL fsync' + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} DB fsync' + title: Disk sync duration + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: bytes + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 25 + id: 6 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: process_resident_memory_bytes{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"} + legendFormat: '{{`{{`}}instance{{`}}`}} resident memory' + title: Memory + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: Bps + gridPos: + h: 7 + w: 6 + x: 0 + 'y': 50 + id: 7 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: rate(etcd_network_client_grpc_received_bytes_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}} client traffic in' + title: Client traffic in + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: Bps + gridPos: + h: 7 + w: 6 + x: 6 + 'y': 50 + id: 8 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: rate(etcd_network_client_grpc_sent_bytes_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}} client traffic out' + title: Client traffic out + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: Bps + gridPos: + h: 7 + w: 6 + x: 12 + 'y': 50 + id: 9 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(etcd_network_peer_received_bytes_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + legendFormat: '{{`{{`}}instance{{`}}`}} peer traffic in' + title: Peer traffic in + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: Bps + gridPos: + h: 7 + w: 6 + x: 18 + 'y': 50 + id: 10 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: sum(rate(etcd_network_peer_sent_bytes_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + legendFormat: '{{`{{`}}instance{{`}}`}} peer traffic out' + title: Peer traffic out + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 75 + id: 11 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: changes(etcd_server_leader_changes_seen_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[1d]) + legendFormat: '{{`{{`}}instance{{`}}`}} total leader elections per day' + title: Raft proposals + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 75 + id: 12 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: changes(etcd_server_leader_changes_seen_total{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[1d]) + legendFormat: '{{`{{`}}instance{{`}}`}} total leader elections per day' + title: Total leader elections per day + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 0 + lineWidth: 2 + showPoints: never + unit: s + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 75 + id: 13 + interval: 1m + pluginVersion: v10.0.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $datasource + expr: histogram_quantile(0.99, sum by (instance, le) (rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))) + legendFormat: '{{`{{`}}instance{{`}}`}} peer round trip time' + title: Peer round trip time + type: timeseries +refresh: 10s +schemaVersion: 36 +tags: +- etcd-mixin +- vm-k8s-stack +templating: + list: + - label: Data Source + name: datasource + query: {{ $defaultDatasource }} + type: datasource + - datasource: + type: prometheus + uid: ${datasource} + hide: {{ ternary 0 2 $multicluster }} + label: cluster + name: cluster + query: {{ ternary (b64dec "ImxhYmVsX3ZhbHVlcyhldGNkX3NlcnZlcl9oYXNfbGVhZGVye2pvYj1+XCIuKmV0Y2QuKlwifSwgY2x1c3Rlciki" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 2 + type: {{ ternary "query" "constant" $multicluster }} +time: + from: now-15m + to: now +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: etcd +uid: c2f4e12cdf69feb95caa41a5a1b423d9 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/grafana-overview.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/grafana-overview.yaml new file mode 100644 index 0000000..c97796a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/grafana-overview.yaml @@ -0,0 +1,438 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: -- Grafana -- + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard +condition: {{ ($Values.grafana).enabled }} +editable: false +gnetId: null +graphTooltip: 0 +id: 3085 +iteration: 1631554945276 +links: [] +panels: +- datasource: $datasource + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 6 + x: 0 + 'y': 0 + id: 6 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - mean + fields: '' + values: false + text: {} + textMode: auto + pluginVersion: 8.1.3 + targets: + - expr: grafana_alerting_result_total{job=~"$job", instance=~"$instance", state="alerting"} + instant: true + interval: '' + legendFormat: '' + refId: A + timeFrom: null + timeShift: null + title: Firing Alerts + type: stat +- datasource: $datasource + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 6 + x: 6 + 'y': 0 + id: 8 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - mean + fields: '' + values: false + text: {} + textMode: auto + pluginVersion: 8.1.3 + targets: + - expr: sum(grafana_stat_totals_dashboard{job=~"$job", instance=~"$instance"}) + interval: '' + legendFormat: '' + refId: A + timeFrom: null + timeShift: null + title: Dashboards + type: stat +- datasource: $datasource + fieldConfig: + defaults: + custom: + align: null + displayMode: auto + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 12 + x: 12 + 'y': 0 + id: 10 + options: + showHeader: true + pluginVersion: 8.1.3 + targets: + - expr: grafana_build_info{job=~"$job", instance=~"$instance"} + instant: true + interval: '' + legendFormat: '' + refId: A + timeFrom: null + timeShift: null + title: Build Info + transformations: + - id: labelsToFields + options: {} + - id: organize + options: + excludeByName: + Time: true + Value: true + branch: true + container: true + goversion: true + namespace: true + pod: true + revision: true + indexByName: + Time: 7 + Value: 11 + branch: 4 + container: 8 + edition: 2 + goversion: 6 + instance: 1 + job: 0 + namespace: 9 + pod: 10 + revision: 5 + version: 3 + renameByName: {} + type: table +- aliasColors: {} + bars: false + dashLength: 10 + dashes: false + datasource: $datasource + fieldConfig: + defaults: + links: [] + overrides: [] + fill: 1 + fillGradient: 0 + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 5 + hiddenSeries: false + id: 2 + legend: + avg: false + current: false + max: false + min: false + show: true + total: false + values: false + lines: true + linewidth: 1 + nullPointMode: 'null' + options: + alertThreshold: true + percentage: false + pluginVersion: 8.1.3 + pointradius: 2 + points: false + renderer: flot + seriesOverrides: [] + spaceLength: 10 + stack: true + steppedLine: false + targets: + - expr: sum by (status_code) (irate(grafana_http_request_duration_seconds_count{job=~"$job", instance=~"$instance"}[1m])) + interval: '' + legendFormat: '{{`{{`}}status_code{{`}}`}}' + refId: A + thresholds: [] + timeFrom: null + timeRegions: [] + timeShift: null + title: RPS + tooltip: + shared: true + sort: 0 + value_type: individual + type: graph + xaxis: + buckets: null + mode: time + name: null + show: true + values: [] + yaxes: + - $$hashKey: object:157 + format: reqps + label: null + logBase: 1 + max: null + min: null + show: true + - $$hashKey: object:158 + format: short + label: null + logBase: 1 + max: null + min: null + show: false + yaxis: + align: false + alignLevel: null +- aliasColors: {} + bars: false + dashLength: 10 + dashes: false + datasource: $datasource + fieldConfig: + defaults: + links: [] + overrides: [] + fill: 1 + fillGradient: 0 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 5 + hiddenSeries: false + id: 4 + legend: + avg: false + current: false + max: false + min: false + show: true + total: false + values: false + lines: true + linewidth: 1 + nullPointMode: 'null' + options: + alertThreshold: true + percentage: false + pluginVersion: 8.1.3 + pointradius: 2 + points: false + renderer: flot + seriesOverrides: [] + spaceLength: 10 + stack: false + steppedLine: false + targets: + - exemplar: true + expr: histogram_quantile(0.99, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~"$instance", job=~"$job"}[$__rate_interval])) by (le)) * 1 + interval: '' + legendFormat: 99th Percentile + refId: A + - exemplar: true + expr: histogram_quantile(0.50, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~"$instance", job=~"$job"}[$__rate_interval])) by (le)) * 1 + interval: '' + legendFormat: 50th Percentile + refId: B + - exemplar: true + expr: sum(irate(grafana_http_request_duration_seconds_sum{instance=~"$instance", job=~"$job"}[$__rate_interval])) * 1 / sum(irate(grafana_http_request_duration_seconds_count{instance=~"$instance", job=~"$job"}[$__rate_interval])) + interval: '' + legendFormat: Average + refId: C + thresholds: [] + timeFrom: null + timeRegions: [] + timeShift: null + title: Request Latency + tooltip: + shared: true + sort: 0 + value_type: individual + type: graph + xaxis: + buckets: null + mode: time + name: null + show: true + values: [] + yaxes: + - $$hashKey: object:210 + format: ms + label: null + logBase: 1 + max: null + min: null + show: true + - $$hashKey: object:211 + format: short + label: null + logBase: 1 + max: null + min: null + show: true + yaxis: + align: false + alignLevel: null +schemaVersion: 30 +style: dark +tags: +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: dev-cortex + value: dev-cortex + description: null + error: null + hide: 0 + includeAll: false + label: null + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - allValue: .* + current: + selected: false + text: + - default/grafana + value: + - default/grafana + datasource: $datasource + definition: label_values(grafana_build_info, job) + description: null + error: null + hide: 0 + includeAll: true + label: null + multi: true + name: job + options: [] + query: + query: label_values(grafana_build_info, job) + refId: Billing Admin-job-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 0 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - allValue: .* + current: + selected: false + text: All + value: $__all + datasource: $datasource + definition: label_values(grafana_build_info, instance) + description: null + error: null + hide: 0 + includeAll: true + label: null + multi: true + name: instance + options: [] + query: + query: label_values(grafana_build_info, instance) + refId: Billing Admin-instance-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 0 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false +time: + from: now-6h + to: now +timepicker: + refresh_intervals: + - 10s + - 30s + - 1m + - 5m + - 15m + - 30m + - 1h + - 2h + - 1d +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Grafana Overview +uid: 6be0s85Mk +version: 2 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubelet.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubelet.yaml new file mode 100644 index 0000000..6364d91 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubelet.yaml @@ -0,0 +1,879 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ ($Values.kubelet).enabled }} +editable: false +links: +- asDropdown: true + includeVars: true + keepTime: true + tags: + - kubernetes-mixin + targetBlank: false + title: Kubernetes + type: dashboards +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 0 + 'y': 0 + id: 1 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kubelet_node_name{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics"}) + instant: true + title: Running Kubelets + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 4 + 'y': 0 + id: 2 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kubelet_running_pods{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}) + instant: true + title: Running Pods + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 8 + 'y': 0 + id: 3 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kubelet_running_containers{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}) + instant: true + title: Running Containers + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 12 + 'y': 0 + id: 4 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(volume_manager_total_volumes{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance", state="actual_state_of_world"}) + instant: true + title: Actual Volume Count + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 16 + 'y': 0 + id: 5 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(volume_manager_total_volumes{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance",state="desired_state_of_world"}) + instant: true + title: Desired Volume Count + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 20 + 'y': 0 + id: 6 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_node_config_error{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) + instant: true + title: Config Error Count + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 7 + id: 7 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_runtime_operations_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (operation_type, instance) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}' + title: Operation Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 7 + id: 8 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_runtime_operations_errors_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, operation_type) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}' + title: Operation Error Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 14 + id: 9 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_runtime_operations_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, operation_type, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}' + title: Operation Duration 99th quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 21 + id: 10 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_pod_start_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance) + legendFormat: '{{`{{`}}instance{{`}}`}} pod' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_pod_worker_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance) + legendFormat: '{{`{{`}}instance{{`}}`}} worker' + title: Pod Start Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 21 + id: 11 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_pod_start_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} pod' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} worker' + title: Pod Start Duration + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 28 + id: 12 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(storage_operation_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, operation_name, volume_plugin) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}' + title: Storage Operation Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 28 + id: 13 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(storage_operation_errors_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, operation_name, volume_plugin) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}' + title: Storage Operation Error Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 35 + id: 14 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(storage_operation_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) by (instance, operation_name, volume_plugin, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}' + title: Storage Operation Duration 99th quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 42 + id: 15 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_cgroup_manager_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) by (instance, operation_type) + legendFormat: '{{`{{`}}operation_type{{`}}`}}' + title: Cgroup manager operation rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 42 + id: 16 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_cgroup_manager_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) by (instance, operation_type, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}' + title: Cgroup manager 99th quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 49 + id: 17 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubelet_pleg_relist_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) by (instance) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: PLEG relist rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 49 + id: 18 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_interval_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: PLEG relist interval + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 56 + id: 19 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: PLEG relist duration + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 63 + id: 20 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics", instance=~"$instance",code=~"2.."}[$__rate_interval])) + legendFormat: 2xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics", instance=~"$instance",code=~"3.."}[$__rate_interval])) + legendFormat: 3xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics", instance=~"$instance",code=~"4.."}[$__rate_interval])) + legendFormat: 4xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics", instance=~"$instance",code=~"5.."}[$__rate_interval])) + legendFormat: 5xx + title: RPC rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 70 + id: 21 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics", instance=~"$instance"}[$__rate_interval])) by (instance, verb, le)) + legendFormat: '{{`{{`}}instance{{`}}`}} {{`{{`}}verb{{`}}`}}' + title: Request duration 99th quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: bytes + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 77 + id: 22 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_resident_memory_bytes{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Memory + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 77 + id: 23 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: rate(process_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: CPU usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 77 + id: 24 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: go_goroutines{ {{ $clusterLabel }}=~"$cluster",job="kubelet", metrics_path="/metrics",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Goroutines + type: timeseries +refresh: 10s +schemaVersion: 39 +tags: +- kubernetes-mixin +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: default + value: default + hide: 0 + label: Data source + name: datasource + query: {{ $defaultDatasource }} + regex: '' + type: datasource + - datasource: + type: prometheus + uid: ${datasource} + hide: {{ ternary 0 2 $multicluster }} + label: cluster + name: cluster + query: {{ ternary (b64dec "ImxhYmVsX3ZhbHVlcyh1cHtqb2I9XCJrdWJlbGV0XCIsIG1ldHJpY3NfcGF0aD1cIi9tZXRyaWNzXCJ9LCBjbHVzdGVyKSI=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 2 + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - datasource: + type: prometheus + uid: ${datasource} + hide: 0 + includeAll: true + label: instance + name: instance + query: label_values(up{job="kubelet", metrics_path="/metrics", {{ $clusterLabel }}=~"$cluster"}, instance) + refresh: 2 + type: query +time: + from: now-1h + to: now +timezone: {{ default "UTC" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Kubelet +uid: 3138fa155d5915769fbded898ac09fd9 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-api-server.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-api-server.yaml new file mode 100644 index 0000000..46e6f4a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-api-server.yaml @@ -0,0 +1,1025 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: [] +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: grafana + name: Grafana + type: grafana + version: 8.4.4 +- id: prometheus + name: Prometheus + type: datasource + version: 5.0.0 +- id: timeseries + name: Time series + type: panel + version: '' +- id: stat + name: Stat + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.kubeApiServer).enabled }} +description: 'This is a modern API Server dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: + - options: + '0': + text: DOWN + '1': + text: UP + type: value + thresholds: + mode: absolute + steps: + - color: red + value: null + - color: green + value: 1 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 0 + id: 42 + options: + colorMode: background + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: value_and_name + pluginVersion: 10.0.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: up{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"} + interval: '' + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - Health Status + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: __name__ + properties: + - id: custom.width + value: 188 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 0 + id: 60 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: false + displayName: removed_release + pluginVersion: 10.0.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: apiserver_requested_deprecated_apis{ {{ $clusterLabel }}=~"$cluster"} + interval: '' + legendFormat: '' + refId: A + title: Deprecated Kubernetes Resources + transformations: + - id: labelsToFields + options: + keepLabels: + - group + - job + - removed_release + - resource + - version + - name + mode: columns + - id: merge + options: {} + - id: organize + options: + excludeByName: + Time: true + Value: true + job: true + indexByName: + Time: 6 + Value: 7 + group: 1 + job: 5 + namespace: 0 + removed_release: 4 + resource: 3 + version: 2 + renameByName: {} + - id: groupBy + options: + fields: + group: + aggregations: + - lastNotNull + operation: groupby + job: + aggregations: [] + operation: groupby + namespace: + aggregations: + - lastNotNull + operation: groupby + removed_release: + aggregations: [] + operation: groupby + resource: + aggregations: + - lastNotNull + operation: groupby + version: + aggregations: [] + operation: groupby + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 8 + id: 38 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum by (code) (rate(apiserver_request_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: '{{`{{`}} code {{`}}`}}' + refId: A + title: API Server - HTTP Requests by code + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 8 + id: 39 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum by (verb) (rate(apiserver_request_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: '{{`{{`}} verb{{`}}`}}' + refId: A + title: API Server - HTTP Requests by verb + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: ms + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 16 + id: 53 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: |- + sum(rate(apiserver_request_duration_seconds_sum{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + / + sum(rate(apiserver_request_duration_seconds_count{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - HTTP Requests Latency by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: ms + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 16 + id: 54 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: |- + sum(rate(apiserver_request_duration_seconds_sum{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (verb) + / + sum(rate(apiserver_request_duration_seconds_count{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (verb) + interval: $resolution + legendFormat: '{{`{{`}} verb {{`}}`}}' + refId: A + title: API Server - HTTP Requests Latency by verb + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 24 + id: 50 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: |- + sum by(instance) (rate(apiserver_request_total{code=~"5..", job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + / sum by(instance) (rate(apiserver_request_total{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - Errors by Instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 24 + id: 51 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: |- + sum by(verb) (rate(apiserver_request_total{code=~"5..",job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + / sum by(verb) (rate(apiserver_request_total{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: '{{`{{`}} verb {{`}}`}}' + refId: A + title: API Server - Errors by verb + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 32 + id: 40 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(apiserver_request_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - Stacked HTTP Requests by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 32 + id: 56 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(workqueue_depth{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - Work Queue by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 40 + id: 47 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: rate(process_cpu_seconds_total{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - CPU Usage by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 40 + id: 48 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: process_resident_memory_bytes{job=~"kubernetes-apiservers|apiserver", {{ $clusterLabel }}=~"$cluster"} + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: API Server - Memory Usage by instance + type: timeseries +refresh: 30s +schemaVersion: 38 +style: dark +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: Prometheus + value: Prometheus + hide: 0 + includeAll: false + label: '' + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: + isNone: true + selected: false + text: None + value: '' + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - current: + selected: true + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / System / API Server +uid: k8s_system_apisrv +version: 19 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-coredns.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-coredns.yaml new file mode 100644 index 0000000..c1dc789 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-system-coredns.yaml @@ -0,0 +1,1189 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: [] +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: grafana + name: Grafana + type: grafana + version: 8.4.4 +- id: prometheus + name: Prometheus + type: datasource + version: 5.0.0 +- id: timeseries + name: Time series + type: panel + version: '' +- id: stat + name: Stat + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.coreDns).enabled }} +description: 'This is a modern CoreDNS dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: + - options: + '0': + text: DOWN + '1': + text: UP + type: value + thresholds: + mode: absolute + steps: + - color: red + value: null + - color: green + value: 1 + overrides: [] + gridPos: + h: 3 + w: 24 + x: 0 + 'y': 0 + id: 25 + options: + colorMode: background + graphMode: none + justifyMode: auto + orientation: vertical + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: value_and_name + wideLayout: true + pluginVersion: 10.4.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: up{job=~"$job", instance=~"$instance", {{ $clusterLabel }}=~"$cluster"} + interval: '' + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: CoreDNS - Health Status + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 3 + id: 19 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: CoreDNS - CPU Usage by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 3 + id: 21 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: process_resident_memory_bytes{job=~"$job", instance=~"$instance", {{ $clusterLabel }}=~"$cluster"} + interval: '' + legendFormat: '{{`{{`}} instance {{`}}`}}' + refId: A + title: CoreDNS - Memory Usage by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 11 + id: 9 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_dns_requests_total{instance=~"$instance",proto="$protocol", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: total $protocol requests + refId: A + title: CoreDNS - Total DNS Requests ($protocol) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 11 + id: 7 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_dns_request_size_bytes_sum{instance=~"$instance",proto="$protocol", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (proto) / sum(rate(coredns_dns_request_size_bytes_count{instance=~"$instance",proto="$protocol", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (proto) + interval: $resolution + legendFormat: average $protocol packet size + refId: A + title: CoreDNS - Average Packet Size ($protocol) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 19 + id: 2 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_dns_requests_total{instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (type) + interval: $resolution + legendFormat: '{{`{{`}} type {{`}}`}}' + refId: A + title: CoreDNS - Requests by type + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 19 + id: 4 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_dns_responses_total{instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (rcode) + interval: $resolution + legendFormat: '{{`{{`}} rcode {{`}}`}}' + refId: A + title: CoreDNS - Requests by return code + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 27 + id: 23 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_forward_requests_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: total forward requests + refId: A + title: CoreDNS - Total Forward Requests + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 27 + id: 13 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_forward_responses_total{rcode=~"SERVFAIL|REFUSED", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (rcode) + interval: $resolution + legendFormat: '{{`{{`}} rcode {{`}}`}}' + refId: A + title: CoreDNS - DNS Errors + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 35 + id: 17 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_cache_hits_total{instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (type) + interval: $resolution + legendFormat: '{{`{{`}} type {{`}}`}}' + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(coredns_cache_misses_total{instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (type) + interval: $resolution + legendFormat: misses + refId: B + title: CoreDNS - Cache Hits / Misses + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 35 + id: 15 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(coredns_cache_entries{ {{ $clusterLabel }}=~"$cluster"}) by (type) + interval: '' + legendFormat: '{{`{{`}} type {{`}}`}}' + refId: A + title: CoreDNS - Cache Size + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + custom: + hideFrom: + legend: false + tooltip: false + viz: false + scaleDistribution: + type: linear + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 43 + id: 27 + options: + calculate: false + cellGap: 1 + color: + exponent: 0.5 + fill: dark-orange + mode: scheme + reverse: false + scale: exponential + scheme: RdYlBu + steps: 64 + exemplars: + color: rgba(255,0,255,0.7) + filterValues: + le: 1.0e-09 + legend: + show: true + rowsFrame: + layout: auto + tooltip: + mode: single + showColorScale: false + yHistogram: false + yAxis: + axisPlacement: left + reverse: false + unit: s + pluginVersion: 10.4.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(increase(coredns_dns_request_duration_seconds_bucket{instance=~"$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (le) + format: heatmap + legendFormat: '{{`{{`}}le{{`}}`}}' + range: true + refId: A + title: CoreDNS - DNS request duration + type: heatmap +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + custom: + hideFrom: + legend: false + tooltip: false + viz: false + scaleDistribution: + type: linear + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 43 + id: 28 + options: + calculate: false + cellGap: 1 + color: + exponent: 0.5 + fill: dark-orange + mode: scheme + reverse: false + scale: exponential + scheme: RdYlBu + steps: 64 + exemplars: + color: rgba(255,0,255,0.7) + filterValues: + le: 1.0e-09 + legend: + show: true + rowsFrame: + layout: auto + tooltip: + mode: single + showColorScale: false + yHistogram: false + yAxis: + axisPlacement: left + reverse: false + unit: decbytes + pluginVersion: 10.4.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(increase(coredns_dns_request_size_bytes_bucket{instance=~"$instance", le!="0", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (le) + format: heatmap + legendFormat: '{{`{{`}}le{{`}}`}}' + range: true + refId: A + title: CoreDNS - DNS request size + type: heatmap +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + custom: + hideFrom: + legend: false + tooltip: false + viz: false + scaleDistribution: + type: linear + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 53 + id: 29 + options: + calculate: false + cellGap: 1 + color: + exponent: 0.5 + fill: dark-orange + mode: scheme + reverse: false + scale: exponential + scheme: RdYlBu + steps: 64 + exemplars: + color: rgba(255,0,255,0.7) + filterValues: + le: 1.0e-09 + legend: + show: true + rowsFrame: + layout: auto + tooltip: + mode: single + showColorScale: false + yHistogram: false + yAxis: + axisPlacement: left + reverse: false + unit: decbytes + pluginVersion: 10.4.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(increase(coredns_dns_response_size_bytes_bucket{instance=~"$instance", le!="0", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (le) + format: heatmap + legendFormat: '{{`{{`}}le{{`}}`}}' + range: true + refId: A + title: CoreDNS - DNS response size + type: heatmap +refresh: 30s +schemaVersion: 39 +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: Prometheus + value: Prometheus + hide: 0 + includeAll: false + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: + isNone: true + selected: false + text: None + value: '' + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - allValue: .* + current: + selected: false + text: All + value: $__all + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(up{job="$job", {{ $clusterLabel }}=~"$cluster"},instance) + hide: 0 + includeAll: true + label: '' + multi: false + name: instance + options: [] + query: + qryType: 1 + query: label_values(up{job="$job", {{ $clusterLabel }}=~"$cluster"},instance) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - allValue: udp,tcp + current: + selected: false + text: udp + value: udp + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(coredns_dns_requests_total{ {{ $clusterLabel }}=~"$cluster"}, proto) + hide: 0 + includeAll: false + label: '' + multi: false + name: protocol + options: [] + query: + query: label_values(coredns_dns_requests_total{ {{ $clusterLabel }}=~"$cluster"}, proto) + refId: StandardVariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - current: + selected: false + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom + - current: + selected: true + text: + - coredns + value: + - coredns + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(coredns_build_info{ {{ $clusterLabel }}=~"$cluster"},job) + hide: 0 + includeAll: false + multi: true + name: job + options: [] + query: + qryType: 1 + query: label_values(coredns_build_info{ {{ $clusterLabel }}=~"$cluster"},job) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / System / CoreDNS +uid: k8s_system_coredns +version: 20 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-global.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-global.yaml new file mode 100644 index 0000000..b2930ec --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-global.yaml @@ -0,0 +1,2669 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: {} +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: bargauge + name: Bar gauge + type: panel + version: '' +- id: grafana + name: Grafana + type: grafana + version: 10.3.1 +- id: prometheus + name: Prometheus + type: datasource + version: 1.0.0 +- id: stat + name: Stat + type: panel + version: '' +- id: timeseries + name: Time series + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.kubelet).enabled }} +description: 'This is a modern ''Global View'' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 67 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: continuous-GrYlRd + mappings: [] + max: 1 + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 6 + x: 0 + 'y': 1 + id: 77 + options: + displayMode: lcd + maxVizHeight: 300 + minVizHeight: 10 + minVizWidth: 0 + namePlacement: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showUnfilled: true + sizing: auto + valueMode: color + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval]))) + interval: '' + legendFormat: Real Linux + range: true + refId: Real Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: avg(sum by (core) (rate(windows_cpu_time_total{mode!="idle", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))) + hide: false + interval: '' + legendFormat: Real Windows + range: true + refId: Real Windows + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{resource="cpu", {{ $clusterLabel }}=~"$cluster"}) / sum(machine_cpu_cores{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: Requests + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{resource="cpu", {{ $clusterLabel }}=~"$cluster"}) / sum(machine_cpu_cores{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: Limits + title: Global CPU Usage + transformations: + - id: calculateField + options: + alias: Real + mode: reduceRow + reduce: + include: + - Real Linux + - Real Windows + reducer: mean + - id: organize + options: + excludeByName: + Real Linux: true + Real Windows: true + Time: true + indexByName: + Limits: 5 + Real: 1 + Real Linux: 2 + Real Windows: 3 + Requests: 4 + Time: 0 + renameByName: {} + type: bargauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: continuous-GrYlRd + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 6 + x: 6 + 'y': 1 + id: 78 + options: + displayMode: lcd + maxVizHeight: 300 + minVizHeight: 10 + minVizWidth: 0 + namePlacement: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showUnfilled: true + sizing: auto + text: {} + valueMode: color + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"} - node_memory_MemAvailable_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) / sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) + hide: false + interval: '' + legendFormat: Real Linux + range: true + refId: Real Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(windows_memory_available_bytes{ {{ $clusterLabel }}=~"$cluster"} + windows_memory_cache_bytes{ {{ $clusterLabel }}=~"$cluster"}) / sum(windows_os_visible_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Real Windows + range: true + refId: Real Windows + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{resource="memory", {{ $clusterLabel }}=~"$cluster"}) / sum(machine_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: Requests + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{resource="memory", {{ $clusterLabel }}=~"$cluster"}) / sum(machine_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: Limits + title: Global RAM Usage + transformations: + - id: calculateField + options: + alias: Real + mode: reduceRow + reduce: + include: + - Real Linux + - Real Windows + reducer: mean + - id: organize + options: + excludeByName: + Real Linux: true + Real Windows: true + Time: true + includeByName: {} + indexByName: + Limits: 5 + Real: 3 + Real Linux: 1 + Real Windows: 2 + Requests: 4 + Time: 0 + renameByName: {} + type: bargauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: blue + value: null + overrides: [] + gridPos: + h: 4 + w: 2 + x: 12 + 'y': 1 + id: 63 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: value + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: count(count by (node) (kube_node_info{ {{ $clusterLabel }}=~"$cluster"})) + interval: '' + legendFormat: '' + range: true + refId: A + title: Nodes + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 12 + w: 10 + x: 14 + 'y': 1 + id: 52 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kube_namespace_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Namespaces + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_container_status_running{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Running Containers + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_status_phase{phase="Running", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Running Pods + refId: O + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_service_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Services + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_endpoint_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Endpoints + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_ingress_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Ingresses + refId: E + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_deployment_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Deployments + refId: F + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_statefulset_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Statefulsets + refId: G + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_daemonset_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Daemonsets + refId: H + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_persistentvolumeclaim_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Persistent Volume Claims + refId: I + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_hpa_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Horizontal Pod Autoscalers + refId: J + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_configmap_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Configmaps + refId: K + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_secret_info{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Secrets + refId: L + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_networkpolicy_labels{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Network Policies + refId: M + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: count(count by (node) (kube_node_info{ {{ $clusterLabel }}=~"$cluster"})) + hide: false + interval: '' + legendFormat: Nodes + refId: N + title: Kubernetes Resource Count + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: blue + value: null + overrides: [] + gridPos: + h: 4 + w: 2 + x: 12 + 'y': 5 + id: 59 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: value + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: count(kube_namespace_created{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: '' + refId: A + title: Namespaces + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 4 + w: 6 + x: 0 + 'y': 9 + id: 37 + options: + colorMode: none + graphMode: none + justifyMode: center + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) + interval: '' + legendFormat: Real Linux + range: true + refId: Real Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(windows_cpu_time_total{mode!="idle", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + hide: false + interval: '' + legendFormat: Real Windows + range: true + refId: Real Windows + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{resource="cpu", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: Requests + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{resource="cpu", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: Limits + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(machine_cpu_cores{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Total + range: true + refId: Total + title: CPU Usage + transformations: + - id: calculateField + options: + alias: Real + mode: reduceRow + reduce: + include: + - Real Linux + - Real Windows + reducer: sum + - id: organize + options: + excludeByName: + Real Linux: true + Real Windows: true + Time: true + Total Linux: true + Total Windows: true + indexByName: + Limits: 5 + Real: 3 + Real Linux: 1 + Real Windows: 2 + Requests: 4 + Time: 0 + Total: 8 + Total Linux: 6 + Total Windows: 7 + renameByName: {} + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: bytes + overrides: [] + gridPos: + h: 4 + w: 6 + x: 6 + 'y': 9 + id: 39 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"} - node_memory_MemAvailable_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) + interval: '' + legendFormat: Real Linux + range: true + refId: Real Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(windows_os_visible_memory_bytes{ {{ $clusterLabel }}=~"$cluster"} - windows_memory_available_bytes{ {{ $clusterLabel }}=~"$cluster"} - windows_memory_cache_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + interval: '' + legendFormat: Real Windows + range: true + refId: Real Windows + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{resource="memory", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: Requests + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{resource="memory", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: Limits + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(machine_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Total + range: true + refId: Total + title: RAM Usage + transformations: + - id: calculateField + options: + alias: Real + mode: reduceRow + reduce: + include: + - Real Linux + - Real Windows + reducer: mean + - id: organize + options: + excludeByName: + Real Linux: true + Real Windows: true + Time: true + includeByName: {} + indexByName: + Limits: 5 + Real: 3 + Real Linux: 1 + Real Windows: 2 + Requests: 4 + Time: 0 + Total: 6 + renameByName: {} + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: blue + value: null + overrides: [] + gridPos: + h: 4 + w: 2 + x: 12 + 'y': 9 + id: 62 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: value + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_status_phase{phase="Running", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: '' + refId: A + title: Running Pods + type: stat +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 13 + id: 71 + panels: [] + title: Resources + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: continuous-GrYlRd + seriesBy: last + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU % + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: scheme + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: yellow + value: 0.5 + - color: red + value: 0.7 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 14 + id: 72 + options: + legend: + calcs: [] + displayMode: hidden + placement: right + showLegend: false + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval]))) + interval: $resolution + legendFormat: Linux + range: true + refId: Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: 1 - avg(rate(windows_cpu_time_total{ {{ $clusterLabel }}=~"$cluster",mode="idle"}[$__rate_interval])) + hide: false + interval: $resolution + legendFormat: Windows + range: true + refId: Windows + title: Cluster CPU Utilization + transformations: + - id: calculateField + options: + alias: CPU usage in % + mode: reduceRow + reduce: + reducer: mean + replaceFields: true + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: continuous-GrYlRd + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: MEMORY + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: scheme + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: '#EAB839' + value: 0.5 + - color: red + value: 0.7 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 14 + id: 55 + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: hidden + placement: right + showLegend: false + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"} - node_memory_MemAvailable_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) / sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) + interval: $resolution + legendFormat: Linux + range: true + refId: Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(windows_os_visible_memory_bytes{ {{ $clusterLabel }}=~"$cluster"} - windows_memory_available_bytes{ {{ $clusterLabel }}=~"$cluster"}) / sum(windows_os_visible_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + interval: $resolution + legendFormat: Windows + range: true + refId: Windows + title: Cluster Memory Utilization + transformations: + - id: calculateField + options: + alias: Memory usage in % + mode: reduceRow + reduce: + reducer: mean + replaceFields: true + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU CORES + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 22 + id: 46 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: single + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: |- + sum(rate(container_cpu_usage_seconds_total{image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) + + on (namespace) + (sum(rate(windows_container_cpu_usage_seconds_total{container_id!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!="", {{ $clusterLabel }}=~"$cluster"}) OR kube_namespace_created{ {{ $clusterLabel }}=~"$cluster"} * 0) by (namespace)) + format: time_series + hide: false + interval: $resolution + legendFormat: '{{`{{`}} namespace {{`}}`}}' + range: true + refId: A + title: CPU Utilization by namespace + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 22 + id: 50 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: |- + sum(container_memory_working_set_bytes{image!="", {{ $clusterLabel }}=~"$cluster"}) by (namespace) + + on (namespace) + (sum(windows_container_memory_usage_commit_bytes{container_id!="", {{ $clusterLabel }}=~"$cluster"} * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!="", {{ $clusterLabel }}=~"$cluster"}) OR kube_namespace_created{ {{ $clusterLabel }}=~"$cluster"} * 0) by (namespace)) + interval: $resolution + legendFormat: '{{`{{`}} namespace {{`}}`}}' + range: true + refId: A + title: Memory Utilization by namespace + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU % + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 30 + id: 54 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval]))) by (instance) + interval: $resolution + legendFormat: '{{`{{`}} node {{`}}`}}' + range: true + refId: Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: avg(sum by (instance,core) (rate(windows_cpu_time_total{mode!="idle", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))) by (instance) + hide: false + interval: $resolution + legendFormat: '{{`{{`}} node {{`}}`}}' + range: true + refId: Windows + title: CPU Utilization by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: MEMORY + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 30 + id: 73 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(node_memory_MemTotal_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"} - node_memory_MemAvailable_bytes{ {{ $clusterLabel }}=~"$cluster", job="$job"}) by (instance) + hide: false + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + range: true + refId: Linux + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(windows_os_visible_memory_bytes{ {{ $clusterLabel }}=~"$cluster"} - windows_memory_available_bytes{ {{ $clusterLabel }}=~"$cluster"}) by (instance) + hide: false + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + range: true + refId: Windows + title: Memory Utilization by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: SECONDS + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 38 + id: 82 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_cfs_throttled_seconds_total{image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) > 0 + interval: $resolution + legendFormat: '{{`{{`}} namespace {{`}}`}}' + range: true + refId: A + title: CPU Throttled seconds by namespace + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: NB + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 38 + id: 83 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_cpu_core_throttles_total{ {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: '{{`{{`}} instance {{`}}`}}' + range: true + refId: A + title: CPU Core Throttled by instance + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 46 + id: 86 + panels: [] + title: Kubernetes + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 47 + id: 84 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kube_pod_status_qos_class{ {{ $clusterLabel }}=~"$cluster"}) by (qos_class) + interval: '' + legendFormat: '{{`{{`}} qos_class {{`}}`}} pods' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_info{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Total pods + range: true + refId: B + title: Kubernetes Pods QoS classes + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 47 + id: 85 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kube_pod_status_reason{ {{ $clusterLabel }}=~"$cluster"}) by (reason) + interval: '' + legendFormat: '{{`{{`}} reason {{`}}`}}' + range: true + refId: A + title: Kubernetes Pods Status Reason + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: points + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 56 + id: 87 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(container_oom_events_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) > 0 + interval: '' + legendFormat: '{{`{{`}} namespace {{`}}`}}' + range: true + refId: A + title: OOM Events by namespace + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: points + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 56 + id: 88 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(kube_pod_container_status_restarts_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) > 0 + interval: '' + legendFormat: '{{`{{`}} namespace {{`}}`}}' + range: true + refId: A + title: Container Restarts by namespace + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 65 + id: 69 + panels: [] + title: Network + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Dropped noisy virtual devices for readability. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 66 + id: 44 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_bytes_total{device!~"(veth|azv|lxc).*", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (device) + interval: $resolution + legendFormat: 'Received : {{`{{`}} device {{`}}`}}' + range: true + refId: Linux Received + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(node_network_transmit_bytes_total{device!~"(veth|azv|lxc).*", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (device)' + interval: $resolution + legendFormat: 'Transmitted : {{`{{`}} device {{`}}`}}' + range: true + refId: Linux Transmitted + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(windows_net_bytes_received_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (nic) + hide: false + interval: $resolution + legendFormat: 'Received : {{`{{`}} nic {{`}}`}}' + range: true + refId: Windows Received + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(windows_net_bytes_sent_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (nic)' + hide: false + interval: $resolution + legendFormat: 'Transmitted : {{`{{`}} device {{`}}`}}' + range: true + refId: Windows Transmitted + title: Global Network Utilization by device + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: DROPPED PACKETS + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 66 + id: 53 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_drop_total{ {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) + interval: $resolution + legendFormat: Linux Packets dropped (receive) + range: true + refId: Linux Packets dropped (receive) + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(node_network_transmit_drop_total{ {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval]))' + interval: $resolution + legendFormat: Linux Packets dropped (transmit) + range: true + refId: Linux Packets dropped (transmit) + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(windows_net_packets_received_discarded_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + hide: false + interval: $resolution + legendFormat: Windows Packets dropped (receive) + range: true + refId: Windows Packets dropped (receive) + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(windows_net_packets_outbound_discarded_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + hide: false + interval: $resolution + legendFormat: Windows Packets dropped (transmit) + range: true + refId: Windows Packets dropped (transmit) + title: Network Saturation - Packets dropped + transformations: + - id: calculateField + options: + alias: Packets dropped (receive) + mode: reduceRow + reduce: + include: + - Linux Packets dropped (receive) + - Windows Packets dropped (receive) + reducer: mean + - id: calculateField + options: + alias: Packets dropped (transmit) + mode: reduceRow + reduce: + include: + - Linux Packets dropped (transmit) + - Windows Packets dropped (transmit) + reducer: mean + - id: organize + options: + excludeByName: + Linux Packets dropped (receive): true + Linux Packets dropped (transmit): true + Time: false + Windows Packets dropped (receive): true + Windows Packets dropped (transmit): true + includeByName: {} + indexByName: {} + renameByName: {} + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 74 + id: 79 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: |- + sum(rate(container_network_receive_bytes_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) + + on (namespace) + (sum(rate(windows_container_network_receive_bytes_total{container_id!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!="", {{ $clusterLabel }}=~"$cluster"}) OR kube_namespace_created{ {{ $clusterLabel }}=~"$cluster"} * 0) by (namespace)) + interval: $resolution + legendFormat: 'Received : {{`{{`}} namespace {{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: |- + - (sum(rate(container_network_transmit_bytes_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace) + + on (namespace) + (sum(rate(windows_container_network_transmit_bytes_total{container_id!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!="", {{ $clusterLabel }}=~"$cluster"}) OR kube_namespace_created{ {{ $clusterLabel }}=~"$cluster"} * 0) by (namespace))) + hide: false + interval: $resolution + legendFormat: 'Transmitted : {{`{{`}} namespace {{`}}`}}' + range: true + refId: B + title: Network Received by namespace + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 74 + id: 80 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_bytes_total{ {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: Received bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: Linux Received bytes + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: '- sum(rate(node_network_transmit_bytes_total{ {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance)' + hide: false + interval: $resolution + legendFormat: Transmitted bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: Linux Transmitted bytes + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(windows_net_bytes_received_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + hide: false + interval: $resolution + legendFormat: Received bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: Windows Received bytes + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: '- sum(rate(windows_net_bytes_sent_total{ {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance)' + hide: false + interval: $resolution + legendFormat: Transmitted bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: Windows Transmitted bytes + title: Total Network Received (with all virtual devices) by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Dropped noisy virtual devices for readability. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 82 + id: 56 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_bytes_total{device!~"(veth|azv|lxc|lo).*", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: Received bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: '- sum(rate(node_network_transmit_bytes_total{device!~"(veth|azv|lxc|lo).*", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance)' + hide: false + interval: $resolution + legendFormat: Transmitted bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(windows_net_bytes_received_total{nic!~".*Virtual.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance) + hide: false + interval: $resolution + legendFormat: Received bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(windows_net_bytes_sent_total{nic!~".*Virtual.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (instance)' + hide: false + interval: $resolution + legendFormat: Transmitted bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: D + title: Network Received (without loopback) by instance + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Dropped noisy virtual devices for readability. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 82 + id: 81 + options: + legend: + calcs: [] + displayMode: hidden + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_bytes_total{device="lo", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance) + interval: $resolution + legendFormat: Received bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: '- sum(rate(node_network_transmit_bytes_total{device="lo", {{ $clusterLabel }}=~"$cluster", job="$job"}[$__rate_interval])) by (instance)' + hide: false + interval: $resolution + legendFormat: Transmitted bytes in {{`{{`}} instance {{`}}`}} + range: true + refId: B + title: Network Received (loopback only) by instance + type: timeseries +refresh: 30s +schemaVersion: 39 +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: '' + value: '' + hide: 0 + includeAll: false + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - current: + selected: false + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom + - current: + selected: false + text: '' + value: '' + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(node_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster"},job) + hide: 0 + includeAll: false + multi: true + name: job + options: [] + query: + qryType: 1 + query: label_values(node_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster"},job) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Views / Global +uid: k8s_views_global +version: 43 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-namespaces.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-namespaces.yaml new file mode 100644 index 0000000..e61e568 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-namespaces.yaml @@ -0,0 +1,2269 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: {} +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: gauge + name: Gauge + type: panel + version: '' +- id: grafana + name: Grafana + type: grafana + version: 10.3.1 +- id: prometheus + name: Prometheus + type: datasource + version: 1.0.0 +- id: stat + name: Stat + type: panel + version: '' +- id: timeseries + name: Time series + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.kubelet).enabled }} +description: 'This is a modern ''Namespaces View'' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 38 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: orange + value: 50 + - color: red + value: 70 + unit: percentunit + overrides: [] + gridPos: + h: 7 + w: 6 + x: 0 + 'y': 1 + id: 46 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + text: {} + pluginVersion: 11.2.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(rate(container_cpu_usage_seconds_total{namespace=~"$namespace", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) / sum(machine_cpu_cores{ {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: '' + legendFormat: '' + range: false + refId: A + title: Namespace(s) usage on total cluster CPU in % + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: orange + value: 50 + - color: red + value: 70 + unit: percentunit + overrides: [] + gridPos: + h: 7 + w: 6 + x: 6 + 'y': 1 + id: 48 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + text: {} + pluginVersion: 11.2.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(container_memory_working_set_bytes{namespace=~"$namespace", image!="", {{ $clusterLabel }}=~"$cluster"}) / sum(machine_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: '' + refId: A + title: Namespace(s) usage on total cluster RAM in % + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 11 + w: 12 + x: 12 + 'y': 1 + id: 32 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Running Pods + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_service_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Services + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_ingress_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Ingresses + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_deployment_labels{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Deployments + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_statefulset_labels{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Statefulsets + refId: E + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_daemonset_labels{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Daemonsets + refId: F + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_persistentvolumeclaim_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Persistent Volume Claims + refId: G + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_hpa_labels{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Horizontal Pod Autoscalers + refId: H + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_configmap_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Configmaps + refId: I + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_secret_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Secrets + refId: J + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_networkpolicy_labels{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Network Policies + refId: K + title: Kubernetes Resource Count + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 4 + w: 6 + x: 0 + 'y': 8 + id: 62 + options: + colorMode: none + graphMode: none + justifyMode: center + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_usage_seconds_total{namespace=~"$namespace", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: '' + legendFormat: Real + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{namespace=~"$namespace", resource="cpu", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{namespace=~"$namespace", resource="cpu", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(machine_cpu_cores{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Cluster Total + range: true + refId: D + title: Namespace(s) CPU Usage in cores + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: bytes + overrides: [] + gridPos: + h: 4 + w: 6 + x: 6 + 'y': 8 + id: 64 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.1 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(container_memory_working_set_bytes{namespace=~"$namespace", image!="", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Real + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_requests{namespace=~"$namespace", resource="memory", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Requests + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_resource_limits{namespace=~"$namespace", resource="memory", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Limits + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(machine_memory_bytes{ {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Cluster Total + range: true + refId: D + title: Namespace(s) RAM Usage in bytes + type: stat +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 12 + id: 40 + panels: [] + title: Resources + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU CORES + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 13 + id: 29 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_usage_seconds_total{namespace=~"$namespace", image!="", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: '{{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: CPU usage by Pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 13 + id: 30 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(container_memory_working_set_bytes{namespace=~"$namespace", image!="", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}) by (pod) + interval: $resolution + legendFormat: '{{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: Memory usage by Pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: SECONDS + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 21 + id: 68 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~"$namespace", image!="", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) > 0 + interval: $resolution + legendFormat: '{{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: CPU Throttled seconds by pod + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 29 + id: 73 + panels: [] + title: Kubernetes + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 30 + id: 70 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kube_pod_status_qos_class{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (qos_class) + interval: '' + legendFormat: '{{`{{`}} qos_class {{`}}`}} pods' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + hide: false + legendFormat: Total pods + range: true + refId: B + title: Kubernetes Pods QoS classes + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 30 + id: 72 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kube_pod_status_reason{ {{ $clusterLabel }}=~"$cluster"}) by (reason) + interval: '' + legendFormat: '{{`{{`}} reason {{`}}`}}' + range: true + refId: A + title: Kubernetes Pods Status Reason + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: points + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 39 + id: 74 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(container_oom_events_total{namespace=~"${namespace}", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace, pod) > 0 + interval: '' + legendFormat: 'namespace: {{`{{`}} namespace {{`}}`}} - pod: {{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: OOM Events by namespace, pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: No data is generally a good thing here. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: points + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 39 + id: 75 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(kube_pod_container_status_restarts_total{namespace=~"${namespace}", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (namespace, pod) > 0 + interval: '' + legendFormat: 'namespace: {{`{{`}} namespace {{`}}`}} - pod: {{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: Container Restarts by namespace, pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 48 + id: 5 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_status_ready{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Ready + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_status_running{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Running + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_container_status_waiting{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Waiting + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_container_status_restarts_total{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Restarts Total + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(kube_pod_container_status_terminated{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: Terminated + refId: E + title: Nb of pods by state + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 48 + id: 2 + options: + legend: + calcs: [] + displayMode: hidden + placement: right + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_container_info{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}) by (pod) + interval: '' + legendFormat: '{{`{{`}} pod {{`}}`}}' + range: true + refId: A + title: Nb of containers by pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 56 + id: 7 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kube_deployment_status_replicas_available{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (deployment) + interval: '' + legendFormat: '{{`{{`}} deployment {{`}}`}}' + range: true + refId: A + title: Replicas available by deployment + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 56 + id: 8 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_deployment_status_replicas_unavailable{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}) by (deployment) + interval: '' + legendFormat: '{{`{{`}} deployment {{`}}`}}' + range: true + refId: A + title: Replicas unavailable by deployment + type: timeseries +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + description: List of pods that are not in Running or Succeeded status. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 64 + id: 83 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(kube_pod_status_phase{phase!~"Running|Succeeded", namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (pod) > 0 + interval: '' + legendFormat: '{{`{{`}} deployment {{`}}`}}' + range: true + refId: A + title: Pods with unexpected status + type: timeseries +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 25 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 64 + id: 82 + options: + legend: + calcs: + - min + - max + - last + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: count(rate(container_cpu_usage_seconds_total{namespace=~"$namespace", image!="", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (image) + interval: '' + legendFormat: '{{`{{`}} image {{`}}`}}' + range: true + refId: A + title: Container Image Used + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 72 + id: 42 + panels: [] + title: Kubernetes Storage + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 73 + id: 65 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kubelet_volume_stats_used_bytes{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_capacity_bytes{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + interval: '' + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}}' + refId: A + title: Persistent Volumes - Capacity and usage in % + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 73 + id: 66 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kubelet_volume_stats_used_bytes{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + interval: '' + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}} - Used' + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kubelet_volume_stats_capacity_bytes{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + hide: false + interval: '' + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}} - Capacity' + refId: B + title: Persistent Volumes - Capacity and usage in bytes + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 81 + id: 27 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: 1 - sum(kubelet_volume_stats_inodes_used{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_inodes{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + interval: '' + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}}' + refId: A + title: Persistent Volumes - Inodes + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 89 + id: 76 + panels: [] + title: Network + type: row +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 90 + id: 78 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_network_receive_bytes_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: Received - {{`{{`}} pod {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(container_network_transmit_bytes_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod)' + interval: $resolution + legendFormat: Transmitted - {{`{{`}} pod {{`}}`}} + range: true + refId: B + title: Network - Bandwidth by pod + type: timeseries +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 90 + id: 79 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_network_receive_packets_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: Received - {{`{{`}} pod {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(container_network_transmit_packets_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod)' + interval: $resolution + legendFormat: Transmitted - {{`{{`}} pod {{`}}`}} + range: true + refId: B + title: Network - Packets Rate by pod + type: timeseries +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 98 + id: 80 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_network_receive_packets_dropped_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: Received - {{`{{`}} pod {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(container_network_transmit_packets_dropped_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod)' + interval: $resolution + legendFormat: Transmitted - {{`{{`}} pod {{`}}`}} + range: true + refId: B + title: Network - Packets Dropped by pod + type: timeseries +- datasource: + default: false + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 98 + id: 81 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_network_receive_errors_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: Received - {{`{{`}} pod {{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(container_network_transmit_errors_total{namespace=~"$namespace", pod=~"${created_by}.*", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod)' + interval: $resolution + legendFormat: Transmitted - {{`{{`}} pod {{`}}`}} + range: true + refId: B + title: Network - Errors by pod + type: timeseries +refresh: 30s +schemaVersion: 39 +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: {} + hide: 0 + includeAll: false + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - allValue: .* + current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_pod_info{ {{ $clusterLabel }}=~"$cluster"}, namespace) + hide: 0 + includeAll: true + multi: true + name: namespace + options: [] + query: + query: label_values(kube_pod_info{ {{ $clusterLabel }}=~"$cluster"}, namespace) + refId: StandardVariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - current: + selected: false + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom + - allValue: .* + current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_pod_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"},created_by_name) + description: Can be used to filter on a specific deployment, statefulset or deamonset (only relevant panels). + hide: 0 + includeAll: true + multi: true + name: created_by + options: [] + query: + query: label_values(kube_pod_info{namespace=~"$namespace", {{ $clusterLabel }}=~"$cluster"},created_by_name) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 2 + regex: '' + skipUrlSync: false + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Views / Namespaces +uid: k8s_views_ns +version: 43 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-nodes.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-nodes.yaml new file mode 100644 index 0000000..81edb3d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-nodes.yaml @@ -0,0 +1,2966 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: {} +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: gauge + name: Gauge + type: panel + version: '' +- id: grafana + name: Grafana + type: grafana + version: 10.3.1 +- id: prometheus + name: Prometheus + type: datasource + version: 1.0.0 +- id: stat + name: Stat + type: panel + version: '' +- id: table + name: Table + type: panel + version: '' +- id: timeseries + name: Time series + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.kubelet).enabled }} +description: 'This is a modern ''Nodes View'' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 40 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: orange + value: 50 + - color: red + value: 70 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 4 + x: 0 + 'y': 1 + id: 7 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + text: {} + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: false + expr: avg(sum by (cpu) (rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))) + instant: true + interval: $resolution + legendFormat: '' + refId: A + title: CPU Usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: orange + value: 50 + - color: red + value: 70 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 4 + x: 4 + 'y': 1 + id: 13 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + text: {} + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: false + expr: sum(node_memory_MemTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - node_memory_MemAvailable_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) / sum(node_memory_MemTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: $resolution + legendFormat: '' + refId: A + title: RAM Usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: blue + value: null + overrides: [] + gridPos: + h: 8 + w: 4 + x: 8 + 'y': 1 + id: 24 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: value + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kube_pod_info{node="$node", {{ $clusterLabel }}=~"$cluster"}) + interval: '' + legendFormat: '' + refId: A + title: Pods on node + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + links: + - targetBlank: true + title: Pod details + url: /d/k8s_views_pods/kubernetes-views-pods?${datasource:queryparam}&var-namespace=${__data.fields.namespace}&${cluster:queryparam}&var-pod=${__data.fields.pod}&${resolution:queryparam}&${__url_time_range} + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: pod + properties: + - id: custom.width + value: 416 + - matcher: + id: byName + options: priority_class + properties: + - id: custom.width + value: 176 + - matcher: + id: byName + options: pod_ip + properties: + - id: custom.width + value: 157 + - matcher: + id: byName + options: created_by_kind + properties: + - id: custom.width + value: 205 + - matcher: + id: byName + options: namespace + properties: + - id: custom.width + value: 263 + gridPos: + h: 11 + w: 12 + x: 12 + 'y': 1 + id: 5 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: [] + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: kube_pod_info{node="$node", {{ $clusterLabel }}=~"$cluster"} + format: table + interval: '' + legendFormat: '' + refId: A + title: List of pods on node ($node) + transformations: + - id: organize + options: + excludeByName: + Time: true + Value: true + __name__: true + container: true + created_by_kind: false + created_by_name: true + endpoint: true + env: true + host_ip: true + host_network: true + instance: true + job: true + node: true + project: true + prometheus_replica: true + service: true + uid: true + indexByName: + Time: 6 + Value: 20 + __name__: 7 + container: 8 + created_by_kind: 2 + created_by_name: 9 + endpoint: 10 + env: 11 + host_ip: 5 + host_network: 12 + instance: 13 + job: 14 + namespace: 1 + node: 15 + pod: 0 + pod_ip: 3 + priority_class: 4 + project: 16 + prometheus_replica: 17 + service: 18 + uid: 19 + renameByName: {} + - id: groupBy + options: + fields: + created_by_kind: + aggregations: [] + operation: groupby + host_ip: + aggregations: [] + operation: groupby + namespace: + aggregations: + - last + operation: groupby + pod: + aggregations: [] + operation: groupby + pod_ip: + aggregations: [] + operation: groupby + priority_class: + aggregations: [] + operation: groupby + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 3 + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 3 + w: 2 + x: 0 + 'y': 9 + id: 9 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: false + expr: sum(rate(node_cpu_seconds_total{mode!~"idle|iowait|steal", instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + instant: true + interval: $resolution + legendFormat: '' + refId: A + title: CPU Used + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 3 + w: 2 + x: 2 + 'y': 9 + id: 11 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(machine_cpu_cores{node="$node", {{ $clusterLabel }}=~"$cluster"}) + interval: $resolution + legendFormat: '' + refId: A + title: CPU Total + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 2 + x: 4 + 'y': 9 + id: 15 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: false + expr: sum(node_memory_MemTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - node_memory_MemAvailable_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: '' + legendFormat: '' + refId: A + title: RAM Used + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 2 + x: 6 + 'y': 9 + id: 17 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: machine_memory_bytes{node="$node", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: '' + legendFormat: '' + refId: A + title: RAM Total + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + mappings: [] + noValue: '0' + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: '#EAB839' + value: 25228800 + - color: red + value: 31536000 + unit: s + overrides: [] + gridPos: + h: 3 + w: 4 + x: 8 + 'y': 9 + id: 18 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_time_seconds{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - node_boot_time_seconds{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: '' + legendFormat: '' + refId: A + title: uptime + type: stat +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 12 + id: 38 + panels: [] + title: Resources + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + max: 100 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 13 + id: 2 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: avg(rate(node_cpu_seconds_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) * 100) by (mode) + hide: false + instant: false + interval: $resolution + legendFormat: '{{`{{`}} mode {{`}}`}}' + refId: A + title: CPU Usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 13 + id: 3 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_MemTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - node_memory_MemFree_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - (node_memory_Cached_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + node_memory_Buffers_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) + instant: false + interval: $resolution + legendFormat: RAM Used + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_MemTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: RAM Total + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_Cached_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: RAM Cache + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_Buffers_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: RAM Buffer + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_MemFree_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: RAM Free + refId: E + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_SwapTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} - node_memory_SwapFree_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: SWAP Used + refId: F + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: node_memory_SwapTotal_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: SWAP Total + refId: G + title: Memory Usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU Cores + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 22 + id: 26 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(container_cpu_usage_seconds_total{node="$node", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (pod) + interval: $resolution + legendFormat: '{{`{{`}} pod {{`}}`}}' + refId: A + title: CPU usage by Pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 22 + id: 28 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(container_memory_working_set_bytes{node="$node", image!="", {{ $clusterLabel }}=~"$cluster"}) by (pod) + interval: $resolution + legendFormat: '{{`{{`}} pod {{`}}`}}' + refId: A + title: Memory usage by Pod + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Number of times a CPU core has been throttled on an instance. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU CORES + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 30 + id: 66 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_cpu_core_throttles_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: Nb of cpu core throttles + range: true + refId: A + title: Number of CPU Core Throttled + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 38 + id: 44 + panels: [] + title: System + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 39 + id: 48 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_load1{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + interval: $resolution + legendFormat: 1m + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_load5{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: 5m + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_load15{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: 15m + range: true + refId: C + title: System Load + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 39 + id: 46 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_context_switches_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + intervalFactor: 1 + legendFormat: Context switches + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_intr_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + hide: false + interval: $resolution + legendFormat: Interrupts + range: true + refId: B + title: Context Switches & Interrupts + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 47 + id: 49 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_filefd_maximum{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: $resolution + legendFormat: Maximum file descriptors + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_filefd_allocated{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + instant: false + interval: $resolution + legendFormat: Allocated file descriptors + refId: B + title: File Descriptors + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 47 + id: 50 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_timex_estimated_error_seconds{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: $resolution + intervalFactor: 1 + legendFormat: Estimated error in seconds + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_timex_maxerror_seconds{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + intervalFactor: 1 + legendFormat: Maximum error in seconds + range: true + refId: B + title: Time Sync + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 55 + id: 36 + panels: [] + title: Network + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: BANDWIDTH + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 56 + id: 20 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_bytes_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: In + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(node_network_transmit_bytes_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Out + range: true + refId: B + title: Network usage (bytes/s) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 56 + id: 61 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(node_network_receive_errs_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: In + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(node_network_transmit_errs_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Out + range: true + refId: B + title: Network errors + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 64 + id: 62 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(node_network_receive_packets_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: In + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: '- sum(rate(node_network_transmit_packets_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Out + range: true + refId: B + title: Network usage (packet/s) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 64 + id: 64 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(node_network_receive_drop_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + hide: false + interval: $resolution + legendFormat: In + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: '- sum(rate(node_network_transmit_drop_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + hide: false + interval: $resolution + legendFormat: Out + refId: B + title: Network total drops + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 72 + id: 60 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_netstat_Tcp_CurrEstab{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: $resolution + legendFormat: TCP Currently Established + refId: A + title: TCP Currently Established + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: + - matcher: + id: byName + options: NF Conntrack limit + properties: + - id: color + value: + fixedColor: red + mode: fixed + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 72 + id: 63 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_nf_conntrack_entries{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + instant: false + interval: $resolution + legendFormat: NF Conntrack entries + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: node_nf_conntrack_entries_limit{instance="$instance", {{ $clusterLabel }}=~"$cluster"} + hide: false + interval: $resolution + legendFormat: NF Conntrack limit + range: true + refId: B + title: NF Conntrack + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 80 + id: 54 + panels: [] + title: Kubernetes Storage + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 81 + id: 30 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kubelet_volume_stats_used_bytes{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_capacity_bytes{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + interval: $resolution + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}}' + range: true + refId: A + title: Persistent Volumes - Usage in % + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: continuous-GrYlRd + custom: + align: auto + cellOptions: + type: auto + filterable: false + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Used + properties: + - id: custom.width + value: 146 + - matcher: + id: byName + options: Total + properties: + - id: custom.width + value: 167 + gridPos: + h: 16 + w: 12 + x: 12 + 'y': 81 + id: 34 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: [] + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kubelet_volume_stats_used_bytes{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + format: table + hide: false + interval: '' + legendFormat: '' + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(kubelet_volume_stats_capacity_bytes{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) + format: table + hide: false + interval: '' + legendFormat: '' + refId: B + title: Persistent Volumes - Usage in GB + transformations: + - id: groupBy + options: + fields: + Value: + aggregations: + - lastNotNull + operation: aggregate + 'Value #A': + aggregations: + - lastNotNull + operation: aggregate + 'Value #B': + aggregations: + - lastNotNull + operation: aggregate + persistentvolumeclaim: + aggregations: [] + operation: groupby + - id: seriesToColumns + options: + byField: persistentvolumeclaim + - id: organize + options: + excludeByName: {} + indexByName: {} + renameByName: + 'Value #A (lastNotNull)': Used + 'Value #B (lastNotNull)': Total + persistentvolumeclaim: Persistent Volume Claim + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 89 + id: 32 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(kubelet_volume_stats_inodes_used{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_inodes{node="$node", {{ $clusterLabel }}=~"$cluster"}) by (persistentvolumeclaim) * 100 + interval: $resolution + legendFormat: '{{`{{`}} persistentvolumeclaim {{`}}`}}' + range: true + refId: A + title: Persistent Volumes - Inodes + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 97 + id: 42 + panels: [] + title: Node Storage + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 98 + id: 33 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: 100 - ((node_filesystem_avail_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"} * 100) / node_filesystem_size_bytes{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) + hide: false + interval: $resolution + legendFormat: '{{`{{`}} mountpoint {{`}}`}}' + range: true + refId: A + title: FS usage in % + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 98 + id: 59 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: 100 - (node_filesystem_files_free{instance="$instance", {{ $clusterLabel }}=~"$cluster"} / node_filesystem_files{instance="$instance", {{ $clusterLabel }}=~"$cluster"} * 100) + hide: false + interval: $resolution + legendFormat: '{{`{{`}} mountpoint {{`}}`}}' + range: true + refId: A + title: FS inode usage in % + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 106 + id: 52 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_disk_read_bytes_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + legendFormat: '{{`{{`}}device{{`}}`}}' + range: true + refId: A + title: Reads by disk (bytes) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 106 + id: 57 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_disk_written_bytes_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + hide: false + interval: $resolution + legendFormat: '{{`{{`}}device{{`}}`}}' + range: true + refId: A + title: Writes by disk (bytes) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: read/s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 114 + id: 51 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_disk_reads_completed_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + legendFormat: '{{`{{`}}device{{`}}`}}' + range: true + refId: A + title: Completed reads by disk + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: write/s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 114 + id: 56 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_disk_writes_completed_total{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + hide: false + interval: $resolution + legendFormat: '{{`{{`}}device{{`}}`}}' + range: true + refId: A + title: Completed writes by disk + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: io/s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 122 + id: 58 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: rate(node_disk_io_now{instance="$instance", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]) + interval: $resolution + legendFormat: '{{`{{`}}device{{`}}`}}' + range: true + refId: A + title: Disk(s) io/s + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 122 + id: 55 + options: + legend: + calcs: [] + displayMode: list + placement: right + showLegend: false + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(node_filesystem_device_error{instance="$instance", {{ $clusterLabel }}=~"$cluster"}) by (mountpoint) + interval: $resolution + legendFormat: '{{`{{`}} mountpoint {{`}}`}}' + range: true + refId: A + title: FS - Device Errors + type: timeseries +refresh: 30s +schemaVersion: 39 +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: {} + hide: 0 + includeAll: false + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - current: + selected: false + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info{ {{ $clusterLabel }}=~"$cluster"}, node) + hide: 0 + includeAll: false + multi: false + name: node + options: [] + query: + query: label_values(kube_node_info{ {{ $clusterLabel }}=~"$cluster"}, node) + refId: StandardVariableQuery + refresh: 2 + regex: '' + skipUrlSync: false + sort: 1 + type: query + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(node_uname_info{nodename=~"(?i:($node)(\\.[a-z0-9.]+)?)", {{ $clusterLabel }}=~"$cluster"}, instance) + hide: 2 + includeAll: false + multi: false + name: instance + options: [] + query: + query: label_values(node_uname_info{nodename=~"(?i:($node)(\\.[a-z0-9.]+)?)", {{ $clusterLabel }}=~"$cluster"}, instance) + refId: StandardVariableQuery + refresh: 2 + regex: '' + skipUrlSync: false + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Views / Nodes +uid: k8s_views_nodes +version: 36 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-pods.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-pods.yaml new file mode 100644 index 0000000..6ffe557 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/kubernetes-views-pods.yaml @@ -0,0 +1,2024 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: [] +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: grafana + name: Grafana + type: grafana + version: 8.3.4 +- id: prometheus + name: Prometheus + type: datasource + version: 5.0.0 +- id: timeseries + name: Time series + type: panel + version: '' +- id: stat + name: Stat + type: panel + version: '' +- id: gauge + name: Gauge + type: panel + version: '' +- id: table + name: Table + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: '#5c4ee5' + name: terraform + target: + limit: 100 + matchAny: false + tags: + - terraform + type: tags + - datasource: + type: datasource + uid: grafana + enable: true + hide: false + iconColor: red + name: oncall + target: + limit: 100 + matchAny: false + tags: + - oncall + type: tags +condition: {{ ($Values.kubelet).enabled }} +description: 'This is a modern ''Pods View'' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes' +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +links: [] +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 43 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: grafana + refId: A + title: Information + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 2 + w: 12 + x: 0 + 'y': 1 + id: 2 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - mean + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_info{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} + instant: true + interval: '' + legendFormat: '{{`{{`}} created_by_kind {{`}}`}}: {{`{{`}} created_by_name {{`}}`}}' + refId: A + title: Created by + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + links: + - title: '' + url: /d/k8s_views_nodes/kubernetes-views-nodes?var-datasource=${datasource}&var-node=${__field.labels.node}&${cluster:queryparam} + mappings: [] + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 2 + w: 6 + x: 12 + 'y': 1 + id: 33 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - mean + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_info{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} + instant: true + interval: '' + legendFormat: '{{`{{`}} node {{`}}`}}' + refId: A + title: Running on + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 2 + w: 6 + x: 18 + 'y': 1 + id: 41 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - mean + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_info{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} + instant: true + interval: '' + legendFormat: '{{`{{`}} pod_ip {{`}}`}}' + refId: A + title: Pod IP + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: rgb(255, 255, 255) + value: null + unit: none + overrides: [] + gridPos: + h: 2 + w: 5 + x: 0 + 'y': 3 + id: 52 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - mean + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_info{namespace="$namespace", pod="$pod", priority_class!="", {{ $clusterLabel }}=~"$cluster"} + format: time_series + instant: true + interval: '' + legendFormat: '{{`{{`}} priority_class {{`}}`}}' + range: false + refId: A + title: Priority Class + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: none + overrides: + - matcher: + id: byName + options: Burstable + properties: + - id: color + value: + fixedColor: red + mode: fixed + - matcher: + id: byName + options: BestEffort + properties: + - id: color + value: + fixedColor: orange + mode: fixed + gridPos: + h: 2 + w: 7 + x: 5 + 'y': 3 + id: 53 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: [] + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_status_qos_class{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} > 0 + instant: true + interval: '' + legendFormat: '{{`{{`}} qos_class {{`}}`}}' + refId: A + title: QOS Class + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: text + value: null + - color: red + value: 1 + unit: none + overrides: [] + gridPos: + h: 2 + w: 6 + x: 12 + 'y': 3 + id: 56 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: [] + fields: '' + values: false + showPercentChange: false + textMode: name + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_container_status_last_terminated_reason{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} + instant: true + interval: '' + legendFormat: '{{`{{`}} reason {{`}}`}}' + refId: A + title: Last Terminated Reason + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Panel only works when a single pod is selected. + fieldConfig: + defaults: + mappings: [] + thresholds: + mode: absolute + steps: + - color: text + value: null + - color: red + value: 1 + - color: '#EAB839' + value: 2 + unit: none + overrides: [] + gridPos: + h: 2 + w: 6 + x: 18 + 'y': 3 + id: 57 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: [] + fields: '' + values: true + showPercentChange: false + textMode: value + wideLayout: true + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: kube_pod_container_status_last_terminated_exitcode{namespace="$namespace", pod="$pod", {{ $clusterLabel }}=~"$cluster"} + instant: true + interval: '' + legendFormat: __auto + range: false + refId: A + title: Last Terminated Exit Code + type: stat +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 5 + id: 47 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: grafana + refId: A + title: Resources + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + fixedColor: blue + mode: fixed + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: '#EAB839' + value: 60 + - color: red + value: 75 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 3 + x: 0 + 'y': 6 + id: 39 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - last + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) / sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: $resolution + legendFormat: Requests + refId: A + title: Total pod CPU Requests usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: '#EAB839' + value: 60 + - color: red + value: 75 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 3 + x: 3 + 'y': 6 + id: 48 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - last + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) / sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: $resolution + legendFormat: Limits + refId: A + title: Total pod CPU Limits usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + fixedColor: blue + mode: fixed + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: blue + value: null + - color: '#EAB839' + value: 80 + - color: red + value: 99 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 3 + x: 6 + 'y': 6 + id: 40 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - last + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}) / sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: $resolution + legendFormat: Requests + refId: A + title: Total pod RAM Requests usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + decimals: 2 + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: '#EAB839' + value: 60 + - color: red + value: 75 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 3 + x: 9 + 'y': 6 + id: 49 + options: + minVizHeight: 75 + minVizWidth: 75 + orientation: auto + reduceOptions: + calcs: + - last + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + sizing: auto + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}) / sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) + instant: true + interval: $resolution + legendFormat: Limits + refId: B + title: Total pod RAM Limits usage + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + custom: + align: auto + cellOptions: + type: auto + filterable: false + inspect: false + minWidth: 100 + decimals: 4 + mappings: [] + thresholds: + mode: absolute + steps: + - color: blue + value: null + unit: none + overrides: + - matcher: + id: byName + options: Memory Requests + properties: + - id: unit + value: bytes + - id: decimals + value: 2 + - matcher: + id: byName + options: Memory Limits + properties: + - id: unit + value: bytes + - id: decimals + value: 2 + - matcher: + id: byName + options: Memory Used + properties: + - id: unit + value: bytes + - id: decimals + value: 2 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 6 + id: 38 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: [] + pluginVersion: 11.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + format: table + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + format: table + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + format: table + instant: true + interval: '' + legendFormat: '' + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + format: table + instant: true + interval: '' + legendFormat: '' + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", container!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) + format: table + hide: false + instant: true + legendFormat: __auto + range: false + refId: E + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", container!="", {{ $clusterLabel }}=~"$cluster"}) by (container) + format: table + hide: false + instant: true + range: false + refId: F + title: Resources by container + transformations: + - id: seriesToColumns + options: + byField: container + - id: organize + options: + excludeByName: + Time: true + Time 1: true + Time 2: true + Time 4: true + __name__: true + __name__ 1: true + __name__ 2: true + __name__ 3: true + __name__ 4: true + container: false + endpoint: true + endpoint 2: true + endpoint 3: true + endpoint 4: true + instance: true + instance 2: true + instance 3: true + instance 4: true + job: true + job 2: true + job 3: true + job 4: true + namespace: true + namespace 2: true + namespace 3: true + namespace 4: true + node: true + node 2: true + node 3: true + node 4: true + pod: true + pod 2: true + pod 3: true + pod 4: true + resource 1: true + resource 2: true + resource 3: true + resource 4: true + service: true + service 2: true + service 3: true + service 4: true + uid 1: true + uid 2: true + uid 3: true + uid 4: true + unit 1: true + unit 2: true + unit 3: true + unit 4: true + indexByName: + Time 1: 7 + Time 2: 8 + Time 3: 9 + Time 4: 10 + Time 5: 11 + Time 6: 12 + 'Value #A': 2 + 'Value #B': 3 + 'Value #C': 5 + 'Value #D': 6 + 'Value #E': 1 + 'Value #F': 4 + container: 0 + renameByName: + 'Value #A': CPU Requests + 'Value #B': CPU Limits + 'Value #C': Memory Requests + 'Value #D': Memory Limits + 'Value #E': CPU Used + 'Value #F': Memory Used + container: Container + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: thresholds + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: Percent + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: area + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: red + value: null + - color: yellow + value: 20 + - color: green + value: 30 + - color: yellow + value: 70 + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 14 + id: 50 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) / sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + interval: $resolution + legendFormat: '{{`{{`}} container {{`}}`}} REQUESTS' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) / sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="cpu", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + hide: false + legendFormat: '{{`{{`}} container {{`}}`}} LIMITS' + range: true + refId: B + title: CPU Usage / Requests & Limits by container + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + fixedColor: blue + mode: thresholds + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: Percent + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: area + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: red + value: null + - color: yellow + value: 20 + - color: green + value: 30 + - color: '#EAB839' + value: 70 + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 14 + id: 30 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}) by (container) / sum(kube_pod_container_resource_requests{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + interval: '' + legendFormat: '{{`{{`}} container {{`}}`}} REQUESTS' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", {{ $clusterLabel }}=~"$cluster"}) by (container) / sum(kube_pod_container_resource_limits{namespace="$namespace", pod=~"$pod", resource="memory", job=~"$job", {{ $clusterLabel }}=~"$cluster"}) by (container) + hide: false + legendFormat: '{{`{{`}} container {{`}}`}} LIMITS' + range: true + refId: B + title: Memory Usage / Requests & Limits by container + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: CPU Cores + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 4 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: + - matcher: + id: byName + options: limit + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 22 + id: 29 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_usage_seconds_total{namespace="$namespace", pod=~"$pod", image!="", container!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container, id) + interval: $resolution + legendFormat: '{{`{{`}} container {{`}}`}}' + range: true + refId: A + title: CPU Usage by container + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: Bytes + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 22 + id: 51 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(container_memory_working_set_bytes{namespace="$namespace", pod=~"$pod", image!="", container!="", {{ $clusterLabel }}=~"$cluster"}) by (container, id) + interval: '' + legendFormat: '{{`{{`}} container {{`}}`}}' + range: true + refId: A + title: Memory Usage by container + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: SECONDS + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 30 + id: 59 + options: + legend: + calcs: + - min + - max + - mean + displayMode: table + placement: right + showLegend: true + sortBy: Max + sortDesc: true + tooltip: + mode: single + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~"$namespace", pod=~"$pod", image!="", container!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) + interval: $resolution + legendFormat: '{{`{{`}} container {{`}}`}}' + range: true + refId: A + title: CPU Throttled seconds by container + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 38 + id: 62 + panels: [] + title: Kubernetes + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + fixedColor: blue + mode: thresholds + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: Percent + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: area + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: red + value: null + - color: yellow + value: 20 + - color: green + value: 30 + - color: '#EAB839' + value: 70 + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 39 + id: 60 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(container_oom_events_total{namespace="${namespace}", pod="${pod}", container!="", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) + interval: '' + legendFormat: '{{`{{`}} container {{`}}`}}' + range: true + refId: A + title: OOM Events by container + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + fixedColor: blue + mode: thresholds + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: Percent + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineStyle: + fill: solid + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: area + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: red + value: null + - color: yellow + value: 20 + - color: green + value: 30 + - color: '#EAB839' + value: 70 + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 39 + id: 61 + options: + legend: + calcs: [] + displayMode: table + placement: right + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: true + expr: sum(increase(kube_pod_container_status_restarts_total{namespace=~"${namespace}", pod="${pod}", container!="", job=~"$job", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) by (container) + interval: '' + legendFormat: '{{`{{`}} container {{`}}`}}' + range: true + refId: A + title: Container Restarts by container + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: grafana + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 47 + id: 45 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: grafana + refId: A + title: Network + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 48 + id: 31 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(container_network_receive_bytes_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: Received + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: '- sum(rate(container_network_transmit_bytes_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Transmitted + refId: B + title: Network - Bandwidth + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 48 + id: 34 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(container_network_receive_packets_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: Received + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: '- sum(rate(container_network_transmit_packets_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Transmitted + refId: B + title: Network - Packets Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 56 + id: 36 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(container_network_receive_packets_dropped_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: Received + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: '- sum(rate(container_network_transmit_packets_dropped_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Transmitted + refId: B + title: Network - Packets Dropped + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 25 + gradientMode: opacity + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: pps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 56 + id: 37 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 8.3.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: sum(rate(container_network_receive_errors_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval])) + interval: $resolution + legendFormat: Received + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + exemplar: true + expr: '- sum(rate(container_network_transmit_errors_total{namespace="$namespace", pod=~"$pod", {{ $clusterLabel }}=~"$cluster"}[$__rate_interval]))' + interval: $resolution + legendFormat: Transmitted + refId: B + title: Network - Errors + type: timeseries +refresh: 30s +schemaVersion: 39 +tags: +- Kubernetes +- Prometheus +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: '' + value: '' + hide: 0 + includeAll: false + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: + isNone: true + selected: false + text: None + value: '' + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_node_info,{{ $clusterLabel }}) + hide: {{ ternary 0 2 $multicluster }} + includeAll: false + multi: false + name: cluster + options: [] + query: {{ ternary (b64dec "eyJxcnlUeXBlIjogMSwgInF1ZXJ5IjogImxhYmVsX3ZhbHVlcyhrdWJlX25vZGVfaW5mbyxjbHVzdGVyKSIsICJyZWZJZCI6ICJQcm9tZXRoZXVzVmFyaWFibGVRdWVyeUVkaXRvci1WYXJpYWJsZVF1ZXJ5In0=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - current: + selected: false + text: monitoring + value: monitoring + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_pod_info{ {{ $clusterLabel }}=~"$cluster"}, namespace) + hide: 0 + includeAll: false + multi: false + name: namespace + options: [] + query: + query: label_values(kube_pod_info{ {{ $clusterLabel }}=~"$cluster"}, namespace) + refId: Prometheus-namespace-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - allValue: .* + current: + selected: false + text: '' + value: '' + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_pod_info{namespace="$namespace", {{ $clusterLabel }}=~"$cluster"}, pod) + hide: 0 + includeAll: true + multi: true + name: pod + options: [] + query: + query: label_values(kube_pod_info{namespace="$namespace", {{ $clusterLabel }}=~"$cluster"}, pod) + refId: Prometheus-pod-Variable-Query + refresh: 2 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - current: + selected: false + text: 30s + value: 30s + hide: 0 + includeAll: false + multi: false + name: resolution + options: + - selected: false + text: 1s + value: 1s + - selected: false + text: 15s + value: 15s + - selected: true + text: 30s + value: 30s + - selected: false + text: 1m + value: 1m + - selected: false + text: 3m + value: 3m + - selected: false + text: 5m + value: 5m + query: 1s, 15s, 30s, 1m, 3m, 5m + queryValue: '' + skipUrlSync: false + type: custom + - current: + selected: false + text: kube-state-metrics + value: kube-state-metrics + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(kube_pod_info{namespace="$namespace", {{ $clusterLabel }}=~"$cluster"},job) + hide: 0 + includeAll: false + multi: true + name: job + options: [] + query: + qryType: 1 + query: label_values(kube_pod_info{namespace="$namespace", {{ $clusterLabel }}=~"$cluster"},job) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + type: query +time: + from: now-1h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Views / Pods +uid: k8s_views_pods +version: 36 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/node-exporter-full.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/node-exporter-full.yaml new file mode 100644 index 0000000..1c852e3 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/node-exporter-full.yaml @@ -0,0 +1,15714 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: {} +__inputs: +- description: '' + label: Prometheus + name: DS_PROMETHEUS + pluginId: prometheus + pluginName: Prometheus + type: datasource +__requires: +- id: bargauge + name: Bar gauge + type: panel + version: '' +- id: gauge + name: Gauge + type: panel + version: '' +- id: grafana + name: Grafana + type: grafana + version: 9.4.3 +- id: prometheus + name: Prometheus + type: datasource + version: 1.0.0 +- id: stat + name: Stat + type: panel + version: '' +- id: timeseries + name: Time series + type: panel + version: '' +annotations: + list: + - $$hashKey: object:1058 + builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard +condition: {{ false }} +editable: false +fiscalYearStartMonth: 0 +gnetId: 1860 +graphTooltip: 1 +id: null +links: +- icon: external link + tags: [] + targetBlank: true + title: GitHub + type: link + url: https://github.com/rfmoz/grafana-dashboards +- icon: external link + tags: [] + targetBlank: true + title: Grafana + type: link + url: https://grafana.com/grafana/dashboards/1860 +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 261 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Quick CPU / Mem / Disk + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Resource pressure via PSI + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + links: [] + mappings: [] + max: 1 + min: 0 + thresholds: + mode: percentage + steps: + - color: green + value: null + - color: dark-yellow + value: 70 + - color: dark-red + value: 90 + unit: percentunit + overrides: [] + gridPos: + h: 4 + w: 3 + x: 0 + 'y': 1 + id: 323 + links: [] + options: + displayMode: basic + minVizHeight: 10 + minVizWidth: 0 + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showUnfilled: true + text: {} + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: irate(node_pressure_cpu_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + instant: true + intervalFactor: 1 + legendFormat: CPU + range: false + refId: CPU some + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: irate(node_pressure_memory_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + instant: true + intervalFactor: 1 + legendFormat: Mem + range: false + refId: Memory some + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: irate(node_pressure_io_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + instant: true + intervalFactor: 1 + legendFormat: I/O + range: false + refId: I/O some + step: 240 + title: Pressure + type: bargauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Busy state of all CPU cores together + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 85 + - color: rgba(245, 54, 54, 0.9) + value: 95 + unit: percent + overrides: [] + gridPos: + h: 4 + w: 3 + x: 3 + 'y': 1 + id: 20 + links: [] + options: + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: 100 * (1 - avg(rate(node_cpu_seconds_total{mode="idle", instance="$node"}[$__rate_interval]))) + hide: false + instant: true + intervalFactor: 1 + legendFormat: '' + range: false + refId: A + step: 240 + title: CPU Busy + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: System load over all CPU cores together + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 85 + - color: rgba(245, 54, 54, 0.9) + value: 95 + unit: percent + overrides: [] + gridPos: + h: 4 + w: 3 + x: 6 + 'y': 1 + id: 155 + links: [] + options: + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: scalar(node_load1{instance="$node",job="$job"}) * 100 / count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu)) + format: time_series + hide: false + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: Sys Load + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Non available RAM memory + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: [] + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 80 + - color: rgba(245, 54, 54, 0.9) + value: 90 + unit: percent + overrides: [] + gridPos: + h: 4 + w: 3 + x: 9 + 'y': 1 + hideTimeOverride: false + id: 16 + links: [] + options: + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: ((node_memory_MemTotal_bytes{instance="$node", job="$job"} - node_memory_MemFree_bytes{instance="$node", job="$job"}) / node_memory_MemTotal_bytes{instance="$node", job="$job"}) * 100 + format: time_series + hide: true + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: (1 - (node_memory_MemAvailable_bytes{instance="$node", job="$job"} / node_memory_MemTotal_bytes{instance="$node", job="$job"})) * 100 + format: time_series + hide: false + instant: true + intervalFactor: 1 + range: false + refId: B + step: 240 + title: RAM Used + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Used Swap + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 10 + - color: rgba(245, 54, 54, 0.9) + value: 25 + unit: percent + overrides: [] + gridPos: + h: 4 + w: 3 + x: 12 + 'y': 1 + id: 21 + links: [] + options: + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: ((node_memory_SwapTotal_bytes{instance="$node",job="$job"} - node_memory_SwapFree_bytes{instance="$node",job="$job"}) / (node_memory_SwapTotal_bytes{instance="$node",job="$job"})) * 100 + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: SWAP Used + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Used Root FS + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 80 + - color: rgba(245, 54, 54, 0.9) + value: 90 + unit: percent + overrides: [] + gridPos: + h: 4 + w: 3 + x: 15 + 'y': 1 + id: 154 + links: [] + options: + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showThresholdLabels: false + showThresholdMarkers: true + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: 100 - ((node_filesystem_avail_bytes{instance="$node",job="$job",mountpoint="/",fstype!="rootfs"} * 100) / node_filesystem_size_bytes{instance="$node",job="$job",mountpoint="/",fstype!="rootfs"}) + format: time_series + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: Root FS Used + type: gauge +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Total number of CPU cores + fieldConfig: + defaults: + color: + mode: thresholds + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 2 + w: 2 + x: 18 + 'y': 1 + id: 14 + links: [] + maxDataPoints: 100 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: auto + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu)) + instant: true + legendFormat: __auto + range: false + refId: A + title: CPU Cores + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: System uptime + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 1 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 2 + w: 4 + x: 20 + 'y': 1 + hideTimeOverride: true + id: 15 + links: [] + maxDataPoints: 100 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: auto + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: node_time_seconds{instance="$node",job="$job"} - node_boot_time_seconds{instance="$node",job="$job"} + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: Uptime + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Total RootFS + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 0 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + thresholds: + mode: absolute + steps: + - color: rgba(50, 172, 45, 0.97) + value: null + - color: rgba(237, 129, 40, 0.89) + value: 70 + - color: rgba(245, 54, 54, 0.9) + value: 90 + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 2 + x: 18 + 'y': 3 + id: 23 + links: [] + maxDataPoints: 100 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: auto + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: node_filesystem_size_bytes{instance="$node",job="$job",mountpoint="/",fstype!="rootfs"} + format: time_series + hide: false + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: RootFS Total + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Total RAM + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 0 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 2 + x: 20 + 'y': 3 + id: 75 + links: [] + maxDataPoints: 100 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: auto + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: node_memory_MemTotal_bytes{instance="$node",job="$job"} + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: RAM Total + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Total SWAP + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 0 + mappings: + - options: + match: 'null' + result: + text: N/A + type: special + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 2 + x: 22 + 'y': 3 + id: 18 + links: [] + maxDataPoints: 100 + options: + colorMode: none + graphMode: none + justifyMode: auto + orientation: horizontal + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + textMode: auto + pluginVersion: 9.4.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: node_memory_SwapTotal_bytes{instance="$node",job="$job"} + instant: true + intervalFactor: 1 + range: false + refId: A + step: 240 + title: SWAP Total + type: stat +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 5 + id: 263 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Basic CPU / Mem / Net / Disk + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Basic CPU info + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: percent + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byName + options: Busy Iowait + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byName + options: Idle + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Busy Iowait + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byName + options: Idle + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: Busy System + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Busy User + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Busy Other + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 6 + id: 77 + links: [] + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + width: 250 + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + exemplar: false + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="system"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + hide: false + instant: false + intervalFactor: 1 + legendFormat: Busy System + range: true + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="user"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Busy User + range: true + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="iowait"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Busy Iowait + range: true + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode=~".*irq"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Busy IRQs + range: true + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode!='idle',mode!='user',mode!='system',mode!='iowait',mode!='irq',mode!='softirq'}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Busy Other + range: true + refId: E + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="idle"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Idle + range: true + refId: F + step: 240 + title: CPU Basic + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Basic memory usage + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: SWAP Used + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap Used + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: RAM Total + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - id: custom.fillOpacity + value: 0 + - id: custom.stacking + value: + group: false + mode: normal + - matcher: + id: byName + options: RAM Cache + Buffer + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: RAM Free + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: Available + properties: + - id: color + value: + fixedColor: '#DEDAF7' + mode: fixed + - id: custom.fillOpacity + value: 0 + - id: custom.stacking + value: + group: false + mode: normal + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 6 + id: 78 + links: [] + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_MemTotal_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: RAM Total + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_MemTotal_bytes{instance="$node",job="$job"} - node_memory_MemFree_bytes{instance="$node",job="$job"} - (node_memory_Cached_bytes{instance="$node",job="$job"} + node_memory_Buffers_bytes{instance="$node",job="$job"} + node_memory_SReclaimable_bytes{instance="$node",job="$job"}) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: RAM Used + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Cached_bytes{instance="$node",job="$job"} + node_memory_Buffers_bytes{instance="$node",job="$job"} + node_memory_SReclaimable_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: RAM Cache + Buffer + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_MemFree_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: RAM Free + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: (node_memory_SwapTotal_bytes{instance="$node",job="$job"} - node_memory_SwapFree_bytes{instance="$node",job="$job"}) + format: time_series + intervalFactor: 1 + legendFormat: SWAP Used + refId: E + step: 240 + title: Memory Basic + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Basic network info per interface + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byName + options: Recv_bytes_eth2 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: Recv_bytes_lo + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Recv_drop_eth2 + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Recv_drop_lo + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Recv_errs_eth2 + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Recv_errs_lo + properties: + - id: color + value: + fixedColor: '#CCA300' + mode: fixed + - matcher: + id: byName + options: Trans_bytes_eth2 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: Trans_bytes_lo + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Trans_drop_eth2 + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Trans_drop_lo + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Trans_errs_eth2 + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Trans_errs_lo + properties: + - id: color + value: + fixedColor: '#CCA300' + mode: fixed + - matcher: + id: byName + options: recv_bytes_lo + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: recv_drop_eth0 + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: recv_drop_lo + properties: + - id: color + value: + fixedColor: '#967302' + mode: fixed + - matcher: + id: byName + options: recv_errs_eth0 + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: recv_errs_lo + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byName + options: trans_bytes_eth0 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: trans_bytes_lo + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: trans_drop_eth0 + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: trans_drop_lo + properties: + - id: color + value: + fixedColor: '#967302' + mode: fixed + - matcher: + id: byName + options: trans_errs_eth0 + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: trans_errs_lo + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byRegexp + options: /.*trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 13 + id: 74 + links: [] + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_bytes_total{instance="$node",job="$job"}[$__rate_interval])*8 + format: time_series + intervalFactor: 1 + legendFormat: recv {{`{{`}}device{{`}}`}} + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_bytes_total{instance="$node",job="$job"}[$__rate_interval])*8 + format: time_series + intervalFactor: 1 + legendFormat: 'trans {{`{{`}}device{{`}}`}} ' + refId: B + step: 240 + title: Network Traffic Basic + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Disk space used of all filesystems mounted + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + max: 100 + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percent + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 13 + id: 152 + links: [] + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: 100 - ((node_filesystem_avail_bytes{instance="$node",job="$job",device!~'rootfs'} * 100) / node_filesystem_size_bytes{instance="$node",job="$job",device!~'rootfs'}) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}}' + refId: A + step: 240 + title: Disk Space Used Basic + type: timeseries +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 20 + id: 265 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: percentage + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 70 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: percent + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byName + options: Idle - Waiting for something to happen + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Iowait - Waiting for I/O to complete + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Irq - Servicing interrupts + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Nice - Niced processes executing in user mode + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Softirq - Servicing softirqs + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byName + options: Steal - Time spent in other operating systems when running in a virtualized environment + properties: + - id: color + value: + fixedColor: '#FCE2DE' + mode: fixed + - matcher: + id: byName + options: System - Processes executing in kernel mode + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: User - Normal processes executing in user mode + properties: + - id: color + value: + fixedColor: '#5195CE' + mode: fixed + gridPos: + h: 12 + w: 12 + x: 0 + 'y': 21 + id: 3 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 250 + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="system"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: System - Processes executing in kernel mode + range: true + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="user"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: User - Normal processes executing in user mode + range: true + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="nice"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Nice - Niced processes executing in user mode + range: true + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum by(instance) (irate(node_cpu_seconds_total{instance="$node",job="$job", mode="iowait"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Iowait - Waiting for I/O to complete + range: true + refId: E + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="irq"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Irq - Servicing interrupts + range: true + refId: F + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="softirq"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Softirq - Servicing softirqs + range: true + refId: G + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="steal"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + intervalFactor: 1 + legendFormat: Steal - Time spent in other operating systems when running in a virtualized environment + range: true + refId: H + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum(irate(node_cpu_seconds_total{instance="$node",job="$job", mode="idle"}[$__rate_interval])) / scalar(count(count(node_cpu_seconds_total{instance="$node",job="$job"}) by (cpu))) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Idle - Waiting for something to happen + range: true + refId: J + step: 240 + title: CPU + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap - Swap memory usage + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Unused - Free memory unassigned + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byRegexp + options: /.*Hardware Corrupted - *./ + properties: + - id: custom.stacking + value: + group: false + mode: normal + gridPos: + h: 12 + w: 12 + x: 12 + 'y': 21 + id: 24 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_MemTotal_bytes{instance="$node",job="$job"} - node_memory_MemFree_bytes{instance="$node",job="$job"} - node_memory_Buffers_bytes{instance="$node",job="$job"} - node_memory_Cached_bytes{instance="$node",job="$job"} - node_memory_Slab_bytes{instance="$node",job="$job"} - node_memory_PageTables_bytes{instance="$node",job="$job"} - node_memory_SwapCached_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Apps - Memory used by user-space applications + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_PageTables_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: PageTables - Memory used to map between virtual and physical memory addresses + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_SwapCached_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: SwapCache - Memory that keeps track of pages that have been fetched from swap but not yet been modified + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Slab_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Slab - Memory used by the kernel to cache data structures for its own use (caches like inode, dentry, etc) + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Cached_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Cache - Parked file data (file content) cache + refId: E + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Buffers_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Buffers - Block device (e.g. harddisk) cache + refId: F + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_MemFree_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Unused - Free memory unassigned + refId: G + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: (node_memory_SwapTotal_bytes{instance="$node",job="$job"} - node_memory_SwapFree_bytes{instance="$node",job="$job"}) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Swap - Swap space used + refId: H + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_HardwareCorrupted_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + refId: I + step: 240 + title: Memory Stack + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bits out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byName + options: receive_packets_eth0 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: receive_packets_lo + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byName + options: transmit_packets_eth0 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: transmit_packets_lo + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 12 + w: 12 + x: 0 + 'y': 33 + id: 84 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_bytes_total{instance="$node",job="$job"}[$__rate_interval])*8 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_bytes_total{instance="$node",job="$job"}[$__rate_interval])*8 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit' + refId: B + step: 240 + title: Network Traffic + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 12 + w: 12 + x: 12 + 'y': 33 + id: 156 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_size_bytes{instance="$node",job="$job",device!~'rootfs'} - node_filesystem_avail_bytes{instance="$node",job="$job",device!~'rootfs'} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}}' + refId: A + step: 240 + title: Disk Space Used + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: IO read (-) / write (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: iops + overrides: + - matcher: + id: byRegexp + options: /.*Read.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 12 + w: 12 + x: 0 + 'y': 45 + id: 229 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_reads_completed_total{instance="$node",job="$job",device=~"$diskdevices"}[$__rate_interval]) + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - Reads completed' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_writes_completed_total{instance="$node",job="$job",device=~"$diskdevices"}[$__rate_interval]) + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Writes completed' + refId: B + step: 240 + title: Disk IOps + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes read (-) / write (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: Bps + overrides: + - matcher: + id: byName + options: io time + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byRegexp + options: /.*read*./ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byType + options: time + properties: + - id: custom.axisPlacement + value: hidden + gridPos: + h: 12 + w: 12 + x: 12 + 'y': 45 + id: 42 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_read_bytes_total{instance="$node",job="$job",device=~"$diskdevices"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Successfully read bytes' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_written_bytes_total{instance="$node",job="$job",device=~"$diskdevices"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Successfully written bytes' + refId: B + step: 240 + title: I/O Usage Read / Write + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '%util' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 40 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byName + options: io time + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - matcher: + id: byType + options: time + properties: + - id: custom.axisPlacement + value: hidden + gridPos: + h: 12 + w: 12 + x: 0 + 'y': 57 + id: 127 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_io_time_seconds_total{instance="$node",job="$job",device=~"$diskdevices"} [$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}}' + refId: A + step: 240 + title: I/O Utilization + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: percentage + axisPlacement: auto + barAlignment: 0 + drawStyle: bars + fillOpacity: 70 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: smooth + lineWidth: 2 + pointSize: 3 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + max: 1 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byRegexp + options: /^Guest - / + properties: + - id: color + value: + fixedColor: '#5195ce' + mode: fixed + - matcher: + id: byRegexp + options: /^GuestNice - / + properties: + - id: color + value: + fixedColor: '#c15c17' + mode: fixed + gridPos: + h: 12 + w: 12 + x: 12 + 'y': 57 + id: 319 + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum by(instance) (irate(node_cpu_guest_seconds_total{instance="$node",job="$job", mode="user"}[1m])) / on(instance) group_left sum by (instance)((irate(node_cpu_seconds_total{instance="$node",job="$job"}[1m]))) + hide: false + legendFormat: Guest - Time spent running a virtual CPU for a guest operating system + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: sum by(instance) (irate(node_cpu_guest_seconds_total{instance="$node",job="$job", mode="nice"}[1m])) / on(instance) group_left sum by (instance)((irate(node_cpu_seconds_total{instance="$node",job="$job"}[1m]))) + hide: false + legendFormat: GuestNice - Time spent running a niced guest (virtual CPU for guest operating system) + range: true + refId: B + title: CPU spent seconds in guests (VMs) + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: CPU / Memory / Net / Disk + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 21 + id: 266 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 54 + id: 136 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Inactive_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Inactive - Memory which has been less recently used. It is more eligible to be reclaimed for other purposes + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Active_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Active - Memory that has been used more recently and usually not reclaimed unless absolutely necessary + refId: B + step: 240 + title: Memory Active / Inactive + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*CommitLimit - *./ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 54 + id: 135 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Committed_AS_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Committed_AS - Amount of memory presently allocated on the system + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_CommitLimit_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: CommitLimit - Amount of memory currently available to be allocated on the system + refId: B + step: 240 + title: Memory Committed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 64 + id: 191 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Inactive_file_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Inactive_file - File-backed memory on inactive LRU list + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Inactive_anon_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Inactive_anon - Anonymous and swap cache on inactive LRU list, including tmpfs (shmem) + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Active_file_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Active_file - File-backed memory on active LRU list + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Active_anon_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Active_anon - Anonymous and swap cache on active least-recently-used (LRU) list, including tmpfs + refId: D + step: 240 + title: Memory Active / Inactive Detail + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total Swap + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 64 + id: 130 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Writeback_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Writeback - Memory which is actively being written back to disk + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_WritebackTmp_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: WritebackTmp - Memory used by FUSE for temporary writeback buffers + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Dirty_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Dirty - Memory which is waiting to get written back to the disk + refId: C + step: 240 + title: Memory Writeback and Dirty + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: ShmemHugePages - Memory used by shared memory (shmem) and tmpfs allocated with huge pages + properties: + - id: custom.fillOpacity + value: 0 + - matcher: + id: byName + options: ShmemHugePages - Memory used by shared memory (shmem) and tmpfs allocated with huge pages + properties: + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 74 + id: 138 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Mapped_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Mapped - Used memory in mapped pages files which have been mapped, such as libraries + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Shmem_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Shmem - Used shared memory (shared between several processes, thus including RAM disks) + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_ShmemHugePages_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: ShmemHugePages - Memory used by shared memory (shmem) and tmpfs allocated with huge pages + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_ShmemPmdMapped_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: ShmemPmdMapped - Amount of shared (shmem/tmpfs) memory backed by huge pages + refId: D + step: 240 + title: Memory Shared and Mapped + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total Swap + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 74 + id: 131 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_SUnreclaim_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: SUnreclaim - Part of Slab, that cannot be reclaimed on memory pressure + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_SReclaimable_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: SReclaimable - Part of Slab, that might be reclaimed, such as caches + refId: B + step: 240 + title: Memory Slab + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 84 + id: 70 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_VmallocChunk_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: VmallocChunk - Largest contiguous block of vmalloc area which is free + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_VmallocTotal_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: VmallocTotal - Total size of vmalloc memory area + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_VmallocUsed_bytes{instance="$node",job="$job"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: VmallocUsed - Amount of vmalloc area which is used + refId: C + step: 240 + title: Memory Vmalloc + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 84 + id: 159 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Bounce_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Bounce - Memory used for block device bounce buffers + refId: A + step: 240 + title: Memory Bounce + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*Inactive *./ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 94 + id: 129 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_AnonHugePages_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: AnonHugePages - Memory in anonymous huge pages + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_AnonPages_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: AnonPages - Memory in user pages not backed by files + refId: B + step: 240 + title: Memory Anonymous + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 94 + id: 160 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_KernelStack_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: KernelStack - Kernel memory stack. This is not reclaimable + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Percpu_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: PerCPU - Per CPU memory allocated dynamically by loadable modules + refId: B + step: 240 + title: Memory Kernel / CPU + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: pages + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 104 + id: 140 + links: [] + options: + legend: + calcs: + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_HugePages_Free{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: HugePages_Free - Huge pages in the pool that are not yet allocated + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_HugePages_Rsvd{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: HugePages_Rsvd - Huge pages for which a commitment to allocate from the pool has been made, but no allocation has yet been made + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_HugePages_Surp{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: HugePages_Surp - Huge pages in the pool above the value in /proc/sys/vm/nr_hugepages + refId: C + step: 240 + title: Memory HugePages Counter + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 104 + id: 71 + links: [] + options: + legend: + calcs: + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_HugePages_Total{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: HugePages - Total size of the pool of huge pages + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Hugepagesize_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Hugepagesize - Huge Page size + refId: B + step: 240 + title: Memory HugePages Size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 114 + id: 128 + links: [] + options: + legend: + calcs: + - mean + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_DirectMap1G_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: DirectMap1G - Amount of pages mapped as this size + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_DirectMap2M_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: DirectMap2M - Amount of pages mapped as this size + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_DirectMap4k_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: DirectMap4K - Amount of pages mapped as this size + refId: C + step: 240 + title: Memory DirectMap + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 114 + id: 137 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Unevictable_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Unevictable - Amount of unevictable memory that can't be swapped out for a variety of reasons + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_Mlocked_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: MLocked - Size of pages locked to memory using the mlock() system call + refId: B + step: 240 + title: Memory Unevictable and MLocked + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total Swap + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 124 + id: 132 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_memory_NFS_Unstable_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: NFS Unstable - Memory in NFS pages sent to the server, but not yet committed to the storage + refId: A + step: 240 + title: Memory NFS + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Memory Meminfo + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 22 + id: 267 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: pages out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*out/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 41 + id: 176 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pgpgin{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pagesin - Page in operations + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pgpgout{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pagesout - Page out operations + refId: B + step: 240 + title: Memory Pages In / Out + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: pages out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*out/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 41 + id: 22 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pswpin{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pswpin - Pages swapped in + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pswpout{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pswpout - Pages swapped out + refId: B + step: 240 + title: Memory Pages Swap In / Out + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: faults + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Apps + properties: + - id: color + value: + fixedColor: '#629E51' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#0A437C' + mode: fixed + - matcher: + id: byName + options: Hardware Corrupted - Amount of RAM that the kernel identified as corrupted / not working + properties: + - id: color + value: + fixedColor: '#CFFAFF' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: RAM_Free + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byName + options: Slab + properties: + - id: color + value: + fixedColor: '#806EB7' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Swap_Free + properties: + - id: color + value: + fixedColor: '#2F575E' + mode: fixed + - matcher: + id: byName + options: Unused + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Pgfault - Page major and minor fault operations + properties: + - id: custom.fillOpacity + value: 0 + - id: custom.stacking + value: + group: false + mode: normal + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 51 + id: 175 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 350 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pgfault{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pgfault - Page major and minor fault operations + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pgmajfault{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pgmajfault - Major page fault operations + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_pgfault{instance="$node",job="$job"}[$__rate_interval]) - irate(node_vmstat_pgmajfault{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Pgminfault - Minor page fault operations + refId: C + step: 240 + title: Memory Page Faults + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#99440A' + mode: fixed + - matcher: + id: byName + options: Buffers + properties: + - id: color + value: + fixedColor: '#58140C' + mode: fixed + - matcher: + id: byName + options: Cache + properties: + - id: color + value: + fixedColor: '#6D1F62' + mode: fixed + - matcher: + id: byName + options: Cached + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Committed + properties: + - id: color + value: + fixedColor: '#508642' + mode: fixed + - matcher: + id: byName + options: Dirty + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byName + options: Free + properties: + - id: color + value: + fixedColor: '#B7DBAB' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byName + options: Mapped + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: PageTables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Page_Tables + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byName + options: Slab_Cache + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byName + options: Swap + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byName + options: Swap_Cache + properties: + - id: color + value: + fixedColor: '#C15C17' + mode: fixed + - matcher: + id: byName + options: Total + properties: + - id: color + value: + fixedColor: '#511749' + mode: fixed + - matcher: + id: byName + options: Total RAM + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total RAM + Swap + properties: + - id: color + value: + fixedColor: '#052B51' + mode: fixed + - matcher: + id: byName + options: Total Swap + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byName + options: VmallocUsed + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 51 + id: 307 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_vmstat_oom_kill{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: 'oom killer invocations ' + refId: A + step: 240 + title: OOM Killer + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Memory Vmstat + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 23 + id: 293 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: seconds + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: + - matcher: + id: byRegexp + options: /.*Variation*./ + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 24 + id: 260 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_estimated_error_seconds{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Estimated error in seconds + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_offset_seconds{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Time offset in between local system and reference clock + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_maxerror_seconds{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Maximum error in seconds + refId: C + step: 240 + title: Time Synchronized Drift + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 24 + id: 291 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_loop_time_constant{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Phase-locked loop time adjust + refId: A + step: 240 + title: Time PLL Adjust + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Variation*./ + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 34 + id: 168 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_sync_status{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Is clock synchronized to a reliable server (1 = yes, 0 = no) + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_frequency_adjustment_ratio{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Local clock frequency adjustment + refId: B + step: 240 + title: Time Synchronized Status + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: seconds + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 34 + id: 294 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_tick_seconds{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Seconds between clock ticks + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_timex_tai_offset_seconds{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: International Atomic Time (TAI) offset + refId: B + step: 240 + title: Time Misc + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: System Timesync + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 24 + id: 312 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 73 + id: 62 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_procs_blocked{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Processes blocked waiting for I/O to complete + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_procs_running{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Processes in runnable state + refId: B + step: 240 + title: Processes Status + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Enable with --collector.processes argument on node-exporter + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 73 + id: 315 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_processes_state{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} state {{`}}`}}' + refId: A + step: 240 + title: Processes State + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: forks / sec + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 83 + id: 148 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_forks_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Processes forks second + refId: A + step: 240 + title: Processes Forks + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: decbytes + overrides: + - matcher: + id: byRegexp + options: /.*Max.*/ + properties: + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 83 + id: 149 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(process_virtual_memory_bytes{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Processes virtual memory size in bytes + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_resident_memory_max_bytes{instance="$node",job="$job"} + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Maximum amount of virtual memory available in bytes + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(process_virtual_memory_bytes{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Processes virtual memory size in bytes + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(process_virtual_memory_max_bytes{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Maximum amount of virtual memory available in bytes + refId: D + step: 240 + title: Processes Memory + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Enable with --collector.processes argument on node-exporter + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: PIDs limit + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 93 + id: 313 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_processes_pids{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Number of PIDs + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_processes_max_processes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: PIDs limit + refId: B + step: 240 + title: PIDs Number and Limit + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: seconds + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: + - matcher: + id: byRegexp + options: /.*waiting.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 93 + id: 305 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_schedstat_running_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}} cpu {{`}}`}} - seconds spent running a process + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_schedstat_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}} cpu {{`}}`}} - seconds spent by processing waiting for this CPU + refId: B + step: 240 + title: Process schedule stats Running / Waiting + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Enable with --collector.processes argument on node-exporter + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Threads limit + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 103 + id: 314 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_processes_threads{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Allocated threads + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_processes_max_threads{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Threads limit + refId: B + step: 240 + title: Threads Number and Limit + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: System Processes + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 25 + id: 269 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 26 + id: 8 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_context_switches_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: Context switches + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_intr_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Interrupts + refId: B + step: 240 + title: Context Switches / Interrupts + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 26 + id: 7 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_load1{instance="$node",job="$job"} + format: time_series + intervalFactor: 4 + legendFormat: Load 1m + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_load5{instance="$node",job="$job"} + format: time_series + intervalFactor: 4 + legendFormat: Load 5m + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_load15{instance="$node",job="$job"} + format: time_series + intervalFactor: 4 + legendFormat: Load 15m + refId: C + step: 240 + title: System Load + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: hertz + overrides: + - matcher: + id: byName + options: Max + properties: + - id: custom.lineStyle + value: + dash: + - 10 + - 10 + fill: dash + - id: color + value: + fixedColor: blue + mode: fixed + - id: custom.fillOpacity + value: 10 + - id: custom.hideFrom + value: + legend: true + tooltip: false + viz: false + - id: custom.fillBelowTo + value: Min + - matcher: + id: byName + options: Min + properties: + - id: custom.lineStyle + value: + dash: + - 10 + - 10 + fill: dash + - id: color + value: + fixedColor: blue + mode: fixed + - id: custom.hideFrom + value: + legend: true + tooltip: false + viz: false + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 36 + id: 321 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: node_cpu_scaling_frequency_hertz{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}} cpu {{`}}`}} + range: true + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: avg(node_cpu_scaling_frequency_max_hertz{instance="$node",job="$job"}) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Max + range: true + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: avg(node_cpu_scaling_frequency_min_hertz{instance="$node",job="$job"}) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Min + range: true + refId: C + step: 240 + title: CPU Frequency Scaling + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: https://docs.kernel.org/accounting/psi.html + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byName + options: Memory some + properties: + - id: color + value: + fixedColor: dark-red + mode: fixed + - matcher: + id: byName + options: Memory full + properties: + - id: color + value: + fixedColor: light-red + mode: fixed + - matcher: + id: byName + options: I/O some + properties: + - id: color + value: + fixedColor: dark-blue + mode: fixed + - matcher: + id: byName + options: I/O full + properties: + - id: color + value: + fixedColor: light-blue + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 36 + id: 322 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: rate(node_pressure_cpu_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: CPU some + range: true + refId: CPU some + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: rate(node_pressure_memory_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Memory some + range: true + refId: Memory some + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: rate(node_pressure_memory_stalled_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: Memory full + range: true + refId: Memory full + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: rate(node_pressure_io_waiting_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: I/O some + range: true + refId: I/O some + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: rate(node_pressure_io_stalled_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: I/O full + range: true + refId: I/O full + step: 240 + title: Pressure Stall Information + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Enable with --collector.interrupts argument on node-exporter + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Critical*./ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - id: custom.fillOpacity + value: 0 + - matcher: + id: byRegexp + options: /.*Max*./ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 46 + id: 259 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_interrupts_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} type {{`}}`}} - {{`{{`}} info {{`}}`}}' + refId: A + step: 240 + title: Interrupts Detail + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 46 + id: 306 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_schedstat_timeslices_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}} cpu {{`}}`}} + refId: A + step: 240 + title: Schedule timeslices executed by each cpu + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 56 + id: 151 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_entropy_available_bits{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Entropy available to random number generators + refId: A + step: 240 + title: Entropy + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: seconds + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 56 + id: 308 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(process_cpu_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Time spent + refId: A + step: 240 + title: CPU time spent in user and system contexts + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Max*./ + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 66 + id: 64 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_max_fds{instance="$node",job="$job"} + interval: '' + intervalFactor: 1 + legendFormat: Maximum open file descriptors + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_open_fds{instance="$node",job="$job"} + interval: '' + intervalFactor: 1 + legendFormat: Open file descriptors + refId: B + step: 240 + title: File Descriptors + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: System Misc + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 26 + id: 304 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: temperature + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: celsius + overrides: + - matcher: + id: byRegexp + options: /.*Critical*./ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - id: custom.fillOpacity + value: 0 + - matcher: + id: byRegexp + options: /.*Max*./ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 59 + id: 158 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_hwmon_temp_celsius{instance="$node",job="$job"} * on(chip) group_left(chip_name) node_hwmon_chip_names{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} chip_name {{`}}`}} {{`{{`}} sensor {{`}}`}} temp' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_hwmon_temp_crit_alarm_celsius{instance="$node",job="$job"} * on(chip) group_left(chip_name) node_hwmon_chip_names{instance="$node",job="$job"} + format: time_series + hide: true + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} chip_name {{`}}`}} {{`{{`}} sensor {{`}}`}} Critical Alarm' + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_hwmon_temp_crit_celsius{instance="$node",job="$job"} * on(chip) group_left(chip_name) node_hwmon_chip_names{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} chip_name {{`}}`}} {{`{{`}} sensor {{`}}`}} Critical' + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_hwmon_temp_crit_hyst_celsius{instance="$node",job="$job"} * on(chip) group_left(chip_name) node_hwmon_chip_names{instance="$node",job="$job"} + format: time_series + hide: true + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} chip_name {{`}}`}} {{`{{`}} sensor {{`}}`}} Critical Historical' + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_hwmon_temp_max_celsius{instance="$node",job="$job"} * on(chip) group_left(chip_name) node_hwmon_chip_names{instance="$node",job="$job"} + format: time_series + hide: true + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} chip_name {{`}}`}} {{`{{`}} sensor {{`}}`}} Max' + refId: E + step: 240 + title: Hardware temperature monitor + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Max*./ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 59 + id: 300 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_cooling_device_cur_state{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Current {{`{{`}} name {{`}}`}} in {{`{{`}} type {{`}}`}} + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_cooling_device_max_state{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Max {{`{{`}} name {{`}}`}} in {{`{{`}} type {{`}}`}} + refId: B + step: 240 + title: Throttle cooling device + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 69 + id: 302 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_power_supply_online{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} power_supply {{`}}`}} online' + refId: A + step: 240 + title: Power supply + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Hardware Misc + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 27 + id: 296 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 46 + id: 297 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_systemd_socket_accepted_connections_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}} name {{`}}`}} Connections' + refId: A + step: 240 + title: Systemd Sockets + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Failed + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + - matcher: + id: byName + options: Inactive + properties: + - id: color + value: + fixedColor: '#FF9830' + mode: fixed + - matcher: + id: byName + options: Active + properties: + - id: color + value: + fixedColor: '#73BF69' + mode: fixed + - matcher: + id: byName + options: Deactivating + properties: + - id: color + value: + fixedColor: '#FFCB7D' + mode: fixed + - matcher: + id: byName + options: Activating + properties: + - id: color + value: + fixedColor: '#C8F2C2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 46 + id: 298 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_systemd_units{instance="$node",job="$job",state="activating"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Activating + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_systemd_units{instance="$node",job="$job",state="active"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Active + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_systemd_units{instance="$node",job="$job",state="deactivating"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Deactivating + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_systemd_units{instance="$node",job="$job",state="failed"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Failed + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_systemd_units{instance="$node",job="$job",state="inactive"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Inactive + refId: E + step: 240 + title: Systemd Units State + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Systemd + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 28 + id: 270 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The number (after merges) of I/O requests completed per second for the device + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: IO read (-) / write (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: iops + overrides: + - matcher: + id: byRegexp + options: /.*Read.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 47 + id: 9 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_reads_completed_total{instance="$node",job="$job"}[$__rate_interval]) + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - Reads completed' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_writes_completed_total{instance="$node",job="$job"}[$__rate_interval]) + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Writes completed' + refId: B + step: 240 + title: Disk IOps Completed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The number of bytes read from or written to the device per second + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes read (-) / write (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: Bps + overrides: + - matcher: + id: byRegexp + options: /.*Read.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 47 + id: 33 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_read_bytes_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - Read bytes' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_written_bytes_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Written bytes' + refId: B + step: 240 + title: Disk R/W Data + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The average time for requests issued to the device to be served. This includes the time spent by the requests in queue and the time spent servicing them. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: time. read (-) / write (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 30 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: + - matcher: + id: byRegexp + options: /.*Read.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 57 + id: 37 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_read_time_seconds_total{instance="$node",job="$job"}[$__rate_interval]) / irate(node_disk_reads_completed_total{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - Read wait time avg' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_write_time_seconds_total{instance="$node",job="$job"}[$__rate_interval]) / irate(node_disk_writes_completed_total{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Write wait time avg' + refId: B + step: 240 + title: Disk Average Wait Time + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The average queue length of the requests that were issued to the device + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: aqu-sz + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 57 + id: 35 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_io_time_weighted_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}}' + refId: A + step: 240 + title: Average Queue Size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The number of read and write requests merged per second that were queued to the device + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: I/Os + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: iops + overrides: + - matcher: + id: byRegexp + options: /.*Read.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 67 + id: 133 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_reads_merged_total{instance="$node",job="$job"}[$__rate_interval]) + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Read merged' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_writes_merged_total{instance="$node",job="$job"}[$__rate_interval]) + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Write merged' + refId: B + step: 240 + title: Disk R/W Merged + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Percentage of elapsed time during which I/O requests were issued to the device (bandwidth utilization for the device). Device saturation occurs when this value is close to 100% for devices serving requests serially. But for devices serving requests in parallel, such as RAID arrays and modern SSDs, this number does not reflect their performance limits. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '%util' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 30 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 67 + id: 36 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_io_time_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - IO' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_discard_time_seconds_total{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - discard' + refId: B + step: 240 + title: Time Spent Doing I/Os + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: The number of outstanding requests at the instant the sample was taken. Incremented as requests are given to appropriate struct request_queue and decremented as they finish. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: Outstanding req. + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 77 + id: 34 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_disk_io_now{instance="$node",job="$job"} + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - IO now' + refId: A + step: 240 + title: Instantaneous Queue Size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: IOs + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: iops + overrides: + - matcher: + id: byRegexp + options: /.*sda_.*/ + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb_.*/ + properties: + - id: color + value: + fixedColor: '#EAB839' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc_.*/ + properties: + - id: color + value: + fixedColor: '#6ED0E0' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd_.*/ + properties: + - id: color + value: + fixedColor: '#EF843C' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde_.*/ + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda1.*/ + properties: + - id: color + value: + fixedColor: '#584477' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda2_.*/ + properties: + - id: color + value: + fixedColor: '#BA43A9' + mode: fixed + - matcher: + id: byRegexp + options: /.*sda3_.*/ + properties: + - id: color + value: + fixedColor: '#F4D598' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb1.*/ + properties: + - id: color + value: + fixedColor: '#0A50A1' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb2.*/ + properties: + - id: color + value: + fixedColor: '#BF1B00' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdb3.*/ + properties: + - id: color + value: + fixedColor: '#E0752D' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc1.*/ + properties: + - id: color + value: + fixedColor: '#962D82' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc2.*/ + properties: + - id: color + value: + fixedColor: '#614D93' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdc3.*/ + properties: + - id: color + value: + fixedColor: '#9AC48A' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd1.*/ + properties: + - id: color + value: + fixedColor: '#65C5DB' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#F9934E' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd3.*/ + properties: + - id: color + value: + fixedColor: '#EA6460' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde1.*/ + properties: + - id: color + value: + fixedColor: '#E0F9D7' + mode: fixed + - matcher: + id: byRegexp + options: /.*sdd2.*/ + properties: + - id: color + value: + fixedColor: '#FCEACA' + mode: fixed + - matcher: + id: byRegexp + options: /.*sde3.*/ + properties: + - id: color + value: + fixedColor: '#F9E2D2' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 77 + id: 301 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_discards_completed_total{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + intervalFactor: 4 + legendFormat: '{{`{{`}}device{{`}}`}} - Discards completed' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_disk_discards_merged_total{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Discards merged' + refId: B + step: 240 + title: Disk IOps Discards completed / merged + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Storage Disk + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 29 + id: 271 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 62 + id: 43 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_avail_bytes{instance="$node",job="$job",device!~'rootfs'} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - Available' + metric: '' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_free_bytes{instance="$node",job="$job",device!~'rootfs'} + format: time_series + hide: true + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - Free' + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_size_bytes{instance="$node",job="$job",device!~'rootfs'} + format: time_series + hide: true + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - Size' + refId: C + step: 240 + title: Filesystem space available + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: file nodes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 62 + id: 41 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_files_free{instance="$node",job="$job",device!~'rootfs'} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - Free file nodes' + refId: A + step: 240 + title: File Nodes Free + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: files + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 72 + id: 28 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filefd_maximum{instance="$node",job="$job"} + format: time_series + intervalFactor: 4 + legendFormat: Max open files + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filefd_allocated{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: Open files + refId: B + step: 240 + title: File Descriptor + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: file Nodes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 72 + id: 219 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_files{instance="$node",job="$job",device!~'rootfs'} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - File nodes total' + refId: A + step: 240 + title: File Nodes Size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + max: 1 + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: / ReadOnly + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 82 + id: 44 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_readonly{instance="$node",job="$job",device!~'rootfs'} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - ReadOnly' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_filesystem_device_error{instance="$node",job="$job",device!~'rootfs',fstype!~'tmpfs'} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}mountpoint{{`}}`}} - Device error' + refId: B + step: 240 + title: Filesystem in ReadOnly / Error + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Storage Filesystem + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 30 + id: 272 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byName + options: receive_packets_eth0 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: receive_packets_lo + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byName + options: transmit_packets_eth0 + properties: + - id: color + value: + fixedColor: '#7EB26D' + mode: fixed + - matcher: + id: byName + options: transmit_packets_lo + properties: + - id: color + value: + fixedColor: '#E24D42' + mode: fixed + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 47 + id: 60 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_packets_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_packets_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit' + refId: B + step: 240 + title: Network Traffic by Packets + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 47 + id: 142 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_errs_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive errors' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_errs_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit errors' + refId: B + step: 240 + title: Network Traffic Errors + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 57 + id: 143 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_drop_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive drop' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_drop_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit drop' + refId: B + step: 240 + title: Network Traffic Drop + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 57 + id: 141 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_compressed_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive compressed' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_compressed_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit compressed' + refId: B + step: 240 + title: Network Traffic Compressed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 67 + id: 146 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_multicast_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive multicast' + refId: A + step: 240 + title: Network Traffic Multicast + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 67 + id: 144 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_fifo_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive fifo' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_fifo_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit fifo' + refId: B + step: 240 + title: Network Traffic Fifo + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: pps + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 77 + id: 145 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_receive_frame_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Receive frame' + refId: A + step: 240 + title: Network Traffic Frame + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 77 + id: 231 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_carrier_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Statistic transmit_carrier' + refId: A + step: 240 + title: Network Traffic Carrier + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Trans.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 87 + id: 232 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_network_transmit_colls_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}device{{`}}`}} - Transmit colls' + refId: A + step: 240 + title: Network Traffic Colls + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: entries + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: NF conntrack limit + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 87 + id: 61 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_nf_conntrack_entries{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: NF conntrack entries + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_nf_conntrack_entries_limit{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: NF conntrack limit + refId: B + step: 240 + title: NF Conntrack + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: Entries + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 97 + id: 230 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_arp_entries{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}} device {{`}}`}} - ARP entries' + refId: A + step: 240 + title: ARP Entries + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 97 + id: 288 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_network_mtu_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}} device {{`}}`}} - Bytes' + refId: A + step: 240 + title: MTU + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 107 + id: 280 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_network_speed_bytes{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}} device {{`}}`}} - Speed' + refId: A + step: 240 + title: Speed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packets + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 107 + id: 289 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_network_transmit_queue_length{instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}} device {{`}}`}} - Interface transmit queue length' + refId: A + step: 240 + title: Queue Length + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: packetes drop (-) / process (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Dropped.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 117 + id: 290 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_softnet_processed_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}}cpu{{`}}`}} - Processed + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_softnet_dropped_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}}cpu{{`}}`}} - Dropped + refId: B + step: 240 + title: Softnet Packets + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 117 + id: 310 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_softnet_times_squeezed_total{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: CPU {{`{{`}}cpu{{`}}`}} - Squeezed + refId: A + step: 240 + title: Softnet Out of Quota + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 127 + id: 309 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_network_up{operstate="up",instance="$node",job="$job"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}interface{{`}}`}} - Operational state UP' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_network_carrier{instance="$node",job="$job"} + format: time_series + instant: false + legendFormat: '{{`{{`}}device{{`}}`}} - Physical link state' + refId: B + title: Network Operational Status + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Network Traffic + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 31 + id: 273 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 48 + id: 63 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_alloc{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: TCP_alloc - Allocated sockets + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_inuse{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: TCP_inuse - Tcp sockets currently in use + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_mem{instance="$node",job="$job"} + format: time_series + hide: true + interval: '' + intervalFactor: 1 + legendFormat: TCP_mem - Used memory for tcp + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_orphan{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: TCP_orphan - Orphan sockets + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_tw{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: TCP_tw - Sockets waiting close + refId: E + step: 240 + title: Sockstat TCP + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 48 + id: 124 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_UDPLITE_inuse{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: UDPLITE_inuse - Udplite sockets currently in use + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_UDP_inuse{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: UDP_inuse - Udp sockets currently in use + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_UDP_mem{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: UDP_mem - Used memory for udp + refId: C + step: 240 + title: Sockstat UDP + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 58 + id: 125 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_FRAG_inuse{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: FRAG_inuse - Frag sockets currently in use + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_RAW_inuse{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: RAW_inuse - Raw sockets currently in use + refId: C + step: 240 + title: Sockstat FRAG / RAW + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: bytes + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 58 + id: 220 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_TCP_mem_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: mem_bytes - TCP sockets in that state + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_UDP_mem_bytes{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: mem_bytes - UDP sockets in that state + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_FRAG_memory{instance="$node",job="$job"} + interval: '' + intervalFactor: 1 + legendFormat: FRAG_memory - Used memory for frag + refId: C + title: Sockstat Memory Size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: sockets + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 68 + id: 126 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_sockstat_sockets_used{instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Sockets_used - Sockets currently in use + refId: A + step: 240 + title: Sockstat Used + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Network Sockstat + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 32 + id: 274 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: octets out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Out.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 33 + id: 221 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_IpExt_InOctets{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: InOctets - Received octets + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_IpExt_OutOctets{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + intervalFactor: 1 + legendFormat: OutOctets - Sent octets + refId: B + step: 240 + title: Netstat IP In / Out Octets + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: datagrams + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 33 + id: 81 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + width: 300 + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Ip_Forwarding{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: Forwarding - IP forwarding + refId: A + step: 240 + title: Netstat IP Forwarding + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: messages out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Out.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 43 + id: 115 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Icmp_InMsgs{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: InMsgs - Messages which the entity received. Note that this counter includes all those counted by icmpInErrors + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Icmp_OutMsgs{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: OutMsgs - Messages which this entity attempted to send. Note that this counter includes all those counted by icmpOutErrors + refId: B + step: 240 + title: ICMP In / Out + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: messages out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Out.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 43 + id: 50 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Icmp_InErrors{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: InErrors - Messages which the entity received but determined as having ICMP-specific errors (bad ICMP checksums, bad length, etc.) + refId: A + step: 240 + title: ICMP Errors + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: datagrams out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Out.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*Snd.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 53 + id: 55 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_InDatagrams{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: InDatagrams - Datagrams received + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_OutDatagrams{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: OutDatagrams - Datagrams sent + refId: B + step: 240 + title: UDP In / Out + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: datagrams + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 53 + id: 109 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_InErrors{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: InErrors - UDP Datagrams that could not be delivered to an application + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_NoPorts{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: NoPorts - UDP Datagrams received on a port with no listener + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_UdpLite_InErrors{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + legendFormat: InErrors Lite - UDPLite Datagrams that could not be delivered to an application + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_RcvbufErrors{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: RcvbufErrors - UDP buffer errors received + refId: D + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Udp_SndbufErrors{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: SndbufErrors - UDP buffer errors send + refId: E + step: 240 + title: UDP Errors + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: datagrams out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Out.*/ + properties: + - id: custom.transform + value: negative-Y + - matcher: + id: byRegexp + options: /.*Snd.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 63 + id: 299 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_InSegs{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + instant: false + interval: '' + intervalFactor: 1 + legendFormat: InSegs - Segments received, including those received in error. This count includes segments received on currently established connections + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_OutSegs{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: OutSegs - Segments sent, including those on current connections but excluding those containing only retransmitted octets + refId: B + step: 240 + title: TCP In / Out + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 63 + id: 104 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_ListenOverflows{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: ListenOverflows - Times the listen queue of a socket overflowed + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_ListenDrops{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: ListenDrops - SYNs to LISTEN sockets ignored + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_TCPSynRetrans{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: TCPSynRetrans - SYN-SYN/ACK retransmits to break down retransmissions in SYN, fast/timeout retransmits + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_RetransSegs{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + legendFormat: RetransSegs - Segments retransmitted - that is, the number of TCP segments transmitted containing one or more previously transmitted octets + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_InErrs{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + legendFormat: InErrs - Segments received in error (e.g., bad TCP checksums) + refId: E + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_OutRsts{instance="$node",job="$job"}[$__rate_interval]) + interval: '' + legendFormat: OutRsts - Segments sent with RST flag + refId: F + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: irate(node_netstat_TcpExt_TCPRcvQDrop{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + legendFormat: TCPRcvQDrop - Packets meant to be queued in rcv queue but dropped because socket rcvbuf limit hit + range: true + refId: G + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: irate(node_netstat_TcpExt_TCPOFOQueue{instance="$node",job="$job"}[$__rate_interval]) + hide: false + interval: '' + legendFormat: TCPOFOQueue - TCP layer receives an out of order packet and has enough memory to queue it + range: true + refId: H + title: TCP Errors + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: connections + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*MaxConn *./ + properties: + - id: color + value: + fixedColor: '#890F02' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 73 + id: 85 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_netstat_Tcp_CurrEstab{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: CurrEstab - TCP connections for which the current state is either ESTABLISHED or CLOSE- WAIT + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_netstat_Tcp_MaxConn{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: MaxConn - Limit on the total number of TCP connections the entity can support (Dynamic is "-1") + refId: B + step: 240 + title: TCP Connections + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter out (-) / in (+) + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*Sent.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 73 + id: 91 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_SyncookiesFailed{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: SyncookiesFailed - Invalid SYN cookies received + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_SyncookiesRecv{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: SyncookiesRecv - SYN cookies received + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_TcpExt_SyncookiesSent{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: SyncookiesSent - SYN cookies sent + refId: C + step: 240 + title: TCP SynCookie + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: connections + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 83 + id: 82 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_ActiveOpens{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: ActiveOpens - TCP connections that have made a direct transition to the SYN-SENT state from the CLOSED state + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: irate(node_netstat_Tcp_PassiveOpens{instance="$node",job="$job"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: PassiveOpens - TCP connections that have made a direct transition to the SYN-RCVD state from the LISTEN state + refId: B + step: 240 + title: TCP Direct Transition + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: Enable with --collector.tcpstat argument on node-exporter + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: connections + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 83 + id: 320 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: node_tcp_connection_states{state="established",instance="$node",job="$job"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: established - TCP sockets in established state + range: true + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: node_tcp_connection_states{state="fin_wait2",instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: fin_wait2 - TCP sockets in fin_wait2 state + range: true + refId: B + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: node_tcp_connection_states{state="listen",instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: listen - TCP sockets in listen state + range: true + refId: C + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + editorMode: code + expr: node_tcp_connection_states{state="time_wait",instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: time_wait - TCP sockets in time_wait state + range: true + refId: D + step: 240 + title: TCP Stat + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Network Netstat + type: row +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 33 + id: 279 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: seconds + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 10 + w: 12 + x: 0 + 'y': 66 + id: 40 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_scrape_collector_duration_seconds{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}collector{{`}}`}} - Scrape duration' + refId: A + step: 240 + title: Node Exporter Scrape Time + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: counter + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 20 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineStyle: + fill: solid + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*error.*/ + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + - id: custom.transform + value: negative-Y + gridPos: + h: 10 + w: 12 + x: 12 + 'y': 66 + id: 157 + links: [] + options: + legend: + calcs: + - mean + - lastNotNull + - max + - min + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_scrape_collector_success{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}collector{{`}}`}} - Scrape success' + refId: A + step: 240 + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: node_textfile_scrape_error{instance="$node",job="$job"} + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}collector{{`}}`}} - Scrape textfile error (1 = true)' + refId: B + step: 240 + title: Node Exporter Scrape + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: '000000001' + refId: A + title: Node Exporter + type: row +refresh: 1m +revision: 1 +schemaVersion: 38 +style: dark +tags: +- linux +- vm-k8s-stack +templating: + list: + - current: + selected: false + text: default + value: default + hide: 0 + includeAll: false + label: Datasource + multi: false + name: datasource + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: '' + hide: 0 + includeAll: false + label: Job + multi: false + name: job + options: [] + query: + query: label_values(node_uname_info, job) + refId: Prometheus-job-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - current: {} + datasource: + type: prometheus + uid: ${datasource} + definition: label_values(node_uname_info{job="$job"}, instance) + hide: 0 + includeAll: false + label: Host + multi: false + name: node + options: [] + query: + query: label_values(node_uname_info{job="$job"}, instance) + refId: Prometheus-node-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 1 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - current: + selected: false + text: '[a-z]+|nvme[0-9]+n[0-9]+|mmcblk[0-9]+' + value: '[a-z]+|nvme[0-9]+n[0-9]+|mmcblk[0-9]+' + hide: 2 + includeAll: false + multi: false + name: diskdevices + options: + - selected: true + text: '[a-z]+|nvme[0-9]+n[0-9]+|mmcblk[0-9]+' + value: '[a-z]+|nvme[0-9]+n[0-9]+|mmcblk[0-9]+' + query: '[a-z]+|nvme[0-9]+n[0-9]+|mmcblk[0-9]+' + skipUrlSync: false + type: custom +time: + from: now-24h + to: now +timepicker: + refresh_intervals: + - 5s + - 10s + - 30s + - 1m + - 5m + - 15m + - 30m + - 1h + - 2h + - 1d + time_options: + - 5m + - 15m + - 1h + - 6h + - 12h + - 24h + - 2d + - 7d + - 30d +timezone: {{ default "browser" ($Values.defaultDashboards).defaultTimezone }} +title: Node Exporter Full +uid: rYdddlPWk +version: 92 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/proxy.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/proxy.yaml new file mode 100644 index 0000000..d6dc8fa --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/proxy.yaml @@ -0,0 +1,462 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ $Values.kubeProxy.enabled }} +editable: false +links: +- asDropdown: true + includeVars: true + keepTime: true + tags: + - kubernetes-mixin + targetBlank: false + title: Kubernetes + type: dashboards +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 0 + 'y': 0 + id: 1 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(up{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy"}) + instant: true + title: Up + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 10 + x: 4 + 'y': 0 + id: 2 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubeproxy_sync_proxy_rules_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy", instance=~"$instance"}[$__rate_interval])) + legendFormat: rate + title: Rules Sync Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 10 + x: 14 + 'y': 0 + id: 3 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99,rate(kubeproxy_sync_proxy_rules_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy", instance=~"$instance"}[$__rate_interval])) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Rules Sync Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 7 + id: 4 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(kubeproxy_network_programming_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy", instance=~"$instance"}[$__rate_interval])) + legendFormat: rate + title: Network Programming Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 7 + id: 5 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(kubeproxy_network_programming_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy", instance=~"$instance"}[$__rate_interval])) by (instance, le)) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Network Programming Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 14 + id: 6 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kube-proxy", instance=~"$instance",code=~"2.."}[$__rate_interval])) + legendFormat: 2xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kube-proxy", instance=~"$instance",code=~"3.."}[$__rate_interval])) + legendFormat: 3xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kube-proxy", instance=~"$instance",code=~"4.."}[$__rate_interval])) + legendFormat: 4xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster",job="kube-proxy", instance=~"$instance",code=~"5.."}[$__rate_interval])) + legendFormat: 5xx + title: Kube API Request Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 16 + x: 8 + 'y': 14 + id: 7 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy",instance=~"$instance",verb="POST"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Post Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 21 + id: 8 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy", instance=~"$instance", verb="GET"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Get Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: bytes + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 28 + id: 9 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_resident_memory_bytes{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Memory + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 28 + id: 10 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: rate(process_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy",instance=~"$instance"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: CPU usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 28 + id: 11 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: go_goroutines{ {{ $clusterLabel }}=~"$cluster", job="kube-proxy",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Goroutines + type: timeseries +refresh: 10s +schemaVersion: 39 +tags: +- kubernetes-mixin +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: default + value: default + hide: 0 + label: Data source + name: datasource + query: {{ $defaultDatasource }} + regex: '' + type: datasource + - datasource: + type: prometheus + uid: ${datasource} + hide: {{ ternary 0 2 $multicluster }} + label: cluster + name: cluster + query: {{ ternary (b64dec "ImxhYmVsX3ZhbHVlcyh1cHtqb2I9XCJrdWJlLXByb3h5XCJ9LCBjbHVzdGVyKSI=" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 2 + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - allValue: .+ + datasource: + type: prometheus + uid: ${datasource} + hide: 0 + includeAll: true + label: instance + name: instance + query: label_values(up{job="kube-proxy", {{ $clusterLabel }}=~"$cluster", job="kube-proxy"}, instance) + refresh: 2 + type: query +time: + from: now-1h + to: now +timezone: {{ default "UTC" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Proxy +uid: 632e265de029684c40b21cb76bca4f94 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/scheduler.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/scheduler.yaml new file mode 100644 index 0000000..f3eb26f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/scheduler.yaml @@ -0,0 +1,420 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +condition: {{ $Values.kubeScheduler.enabled }} +editable: false +links: +- asDropdown: true + includeVars: true + keepTime: true + tags: + - kubernetes-mixin + targetBlank: false + title: Kubernetes + type: dashboards +panels: +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + unit: none + gridPos: + h: 7 + w: 4 + x: 0 + 'y': 0 + id: 1 + interval: 1m + options: + colorMode: none + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(up{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler"}) + instant: true + title: Up + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 10 + x: 4 + 'y': 0 + id: 2 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(scheduler_e2e_scheduling_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"}[$__rate_interval])) by (cluster, instance) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(scheduler_binding_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"}[$__rate_interval])) by (cluster, instance) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(scheduler_scheduling_algorithm_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"}[$__rate_interval])) by (cluster, instance) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(scheduler_volume_scheduling_duration_seconds_count{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"}[$__rate_interval])) by (cluster, instance) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume' + title: Scheduling Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 10 + x: 14 + 'y': 0 + id: 3 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler",instance=~"$instance"}[$__rate_interval])) by (cluster, instance, le)) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler",instance=~"$instance"}[$__rate_interval])) by (cluster, instance, le)) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler",instance=~"$instance"}[$__rate_interval])) by (cluster, instance, le)) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm' + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(scheduler_volume_scheduling_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler",instance=~"$instance"}[$__rate_interval])) by (cluster, instance, le)) + legendFormat: '{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume' + title: Scheduling latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 7 + id: 4 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance",code=~"2.."}[$__rate_interval])) + legendFormat: 2xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance",code=~"3.."}[$__rate_interval])) + legendFormat: 3xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance",code=~"4.."}[$__rate_interval])) + legendFormat: 4xx + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: sum(rate(rest_client_requests_total{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance",code=~"5.."}[$__rate_interval])) + legendFormat: 5xx + title: Kube API Request Rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: ops + gridPos: + h: 7 + w: 16 + x: 8 + 'y': 7 + id: 5 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance", verb="POST"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Post Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: s + gridPos: + h: 7 + w: 24 + x: 0 + 'y': 14 + id: 6 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance", verb="GET"}[$__rate_interval])) by (verb, le)) + legendFormat: '{{`{{`}}verb{{`}}`}}' + title: Get Request Latency 99th Quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: bytes + gridPos: + h: 7 + w: 8 + x: 0 + 'y': 21 + id: 7 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: process_resident_memory_bytes{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Memory + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 8 + 'y': 21 + id: 8 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: rate(process_cpu_seconds_total{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler", instance=~"$instance"}[$__rate_interval]) + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: CPU usage + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: -- Mixed -- + fieldConfig: + defaults: + custom: + fillOpacity: 10 + showPoints: never + spanNulls: true + unit: short + gridPos: + h: 7 + w: 8 + x: 16 + 'y': 21 + id: 9 + interval: 1m + options: + legend: + asTable: true + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + tooltip: + mode: single + pluginVersion: v11.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${datasource} + expr: go_goroutines{ {{ $clusterLabel }}=~"$cluster", job="kube-scheduler",instance=~"$instance"} + legendFormat: '{{`{{`}}instance{{`}}`}}' + title: Goroutines + type: timeseries +refresh: 10s +schemaVersion: 39 +tags: +- kubernetes-mixin +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: default + value: default + hide: 0 + label: Data source + name: datasource + query: {{ $defaultDatasource }} + regex: '' + type: datasource + - datasource: + type: prometheus + uid: ${datasource} + hide: {{ ternary 0 2 $multicluster }} + label: cluster + name: cluster + query: {{ ternary (b64dec "ImxhYmVsX3ZhbHVlcyh1cHtqb2I9XCJrdWJlLXNjaGVkdWxlclwifSwgY2x1c3Rlciki" | replace "cluster" $clusterLabel) ".*" $multicluster }} + refresh: 2 + sort: 1 + type: {{ ternary "query" "constant" $multicluster }} + - allValue: .+ + datasource: + type: prometheus + uid: ${datasource} + hide: 0 + includeAll: true + label: instance + name: instance + query: label_values(up{job="kube-scheduler", {{ $clusterLabel }}=~"$cluster"}, instance) + refresh: 2 + type: query +time: + from: now-1h + to: now +timezone: {{ default "UTC" ($Values.defaultDashboards).defaultTimezone }} +title: Kubernetes / Scheduler +uid: 2e6b6a3b4bddf1427b3a55aa1311c656 diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-backupmanager.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-backupmanager.yaml new file mode 100644 index 0000000..fff84f8 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-backupmanager.yaml @@ -0,0 +1,1290 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +__elements: {} +__inputs: [] +__requires: +- id: barchart + name: Bar chart + type: panel + version: '' +- id: grafana + name: Grafana + type: grafana + version: 10.4.0 +- id: prometheus + name: Prometheus + type: datasource + version: 1.0.0 +- id: stat + name: Stat + type: panel + version: '' +- id: table + name: Table + type: panel + version: '' +- id: timeseries + name: Time series + type: panel + version: '' +annotations: + list: + - builtIn: 1 + datasource: + type: grafana + uid: -- Grafana -- + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard +condition: {{ or (not (empty (((($Values).vmsingle).spec).vmBackup).destination)) (not (empty ((((($Values).vmcluster).spec).storage).vmBackup).destination)) }} +description: Overview for VictoriaMetrics backupmanager v1.85.3 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 0 +id: null +links: [] +liveNow: false +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 10 + panels: [] + title: Stats + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 5 + w: 3 + x: 0 + 'y': 1 + id: 32 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: count(vm_app_version{job=~"$job", instance=~"$instance", version=~"^vmbackupmanager.+" }) + instant: true + legendFormat: __auto + range: false + refId: A + title: Instances + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Status of last backup operation. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: + - options: + '0': + index: 0 + text: Success + type: value + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 5 + w: 4 + x: 3 + 'y': 1 + id: 2 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_backup_last_run_failed) + legendFormat: __auto + range: true + refId: A + title: Last backup status + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Number of backups stored in remote storage. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 5 + w: 3 + x: 7 + 'y': 1 + id: 6 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_backups_stored{job=~"$job", instance=~"$instance"}) + legendFormat: __auto + range: true + refId: A + title: Total backups stored + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Space used in remote storage. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: decbytes + overrides: [] + gridPos: + h: 5 + w: 3 + x: 10 + 'y': 1 + id: 27 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_backups_size_bytes{job=~"$job", instance=~"$instance"}) + legendFormat: __auto + range: true + refId: A + title: Backups size + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: + - options: + '0': + index: 0 + text: No errors + type: value + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 1 + overrides: [] + gridPos: + h: 5 + w: 3 + x: 13 + 'y': 1 + id: 7 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_backup_errors_total{job=~"$job", instance=~"$instance"}[1h])) + legendFormat: __auto + range: true + refId: A + title: 'Backups errors ' + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Status of last retention run. + + + Retention is a process of removing old backups from remote storage.' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: + - options: + '0': + index: 0 + text: Success + type: value + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 5 + w: 4 + x: 16 + 'y': 1 + id: 5 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_retention_last_run_failed) + legendFormat: __auto + range: true + refId: A + title: Last retention status + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + mappings: + - options: + '0': + index: 0 + text: No errors + type: value + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 1 + overrides: [] + gridPos: + h: 5 + w: 4 + x: 20 + 'y': 1 + id: 8 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_retention_errors_total{job=~"$job", instance=~"$instance"}[1h])) + legendFormat: __auto + range: true + refId: A + title: Retention errors + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: name + properties: + - id: custom.width + value: 148 + - matcher: + id: byName + options: value + properties: + - id: custom.width + value: 101 + gridPos: + h: 6 + w: 12 + x: 0 + 'y': 6 + id: 22 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: false + displayName: name + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{job=~"$job", instance=~"$instance",name=~"disableDaily|disableHourly|disableWeekly|disableMonthly"}) by (name, value, instance) + format: table + instant: true + legendFormat: '' + range: false + refId: A + title: Backups configuration + transformations: + - id: groupBy + options: + fields: + instance: + aggregations: + - uniqueValues + operation: aggregate + name: + aggregations: [] + operation: groupby + value: + aggregations: [] + operation: groupby + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: value + properties: + - id: custom.width + value: 100 + - matcher: + id: byName + options: name + properties: + - id: custom.width + value: 150 + gridPos: + h: 6 + w: 12 + x: 12 + 'y': 6 + id: 21 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: false + displayName: name + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{job=~"$job", instance=~"$instance",name=~"keep(.*)", is_set="true"}) by (name, value, instance) + format: table + instant: true + legendFormat: '' + range: false + refId: A + title: Retention configuration + transformations: + - id: groupBy + options: + fields: + instance: + aggregations: + - uniqueValues + operation: aggregate + name: + aggregations: [] + operation: groupby + value: + aggregations: [] + operation: groupby + type: table +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 12 + id: 12 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Max duration of backup run. Lower better. + + + Each backup starts with data upload during `latest` backup. Subsequent backups (`hourly`, `daily`, `weekly`, `monthly`) are copying date by using server-side copy. ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + fillOpacity: 80 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineWidth: 1 + scaleDistribution: + type: linear + links: + - targetBlank: true + title: Drilldown + url: /d/gF-lxRdVz?viewPanel=36&var-ds=$ds&var-instance=$instance&var-job=$job&${__url_time_range} + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 13 + id: 23 + interval: 1h + options: + barRadius: 0 + barWidth: 0.97 + groupWidth: 0.7 + legend: + calcs: + - max + - min + - mean + displayMode: list + placement: bottom + showLegend: false + orientation: auto + showValue: auto + stacking: none + tooltip: + mode: single + sort: none + xTickLabelRotation: 0 + xTickLabelSpacing: 100 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(increase(vm_backup_duration_seconds_total{job=~"$job", instance=~"$instance"})) by (type) > 0 + legendFormat: __auto + range: true + refId: A + title: Max backup duration + type: barchart + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 13 + id: 16 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_backup_errors_total{job=~"$job", instance=~"$instance"})[$__interval]) by (instance) > 0 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Backup errors + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 21 + id: 29 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: vm_backups_size_bytes{job=~"$job", instance=~"$instance"} + legendFormat: __auto + range: true + refId: A + title: Backups size + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 21 + id: 28 + options: + footer: + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: true + displayName: backup + pluginVersion: 9.0.4 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: topk(10, sum(vm_backups_size_bytes{job=~"$job", instance=~"$instance"}) by (backup, job, type)) + format: table + instant: true + legendFormat: __auto + range: false + refId: A + title: Top 10 backups by size + transformations: + - id: groupBy + options: + fields: + Value: + aggregations: [] + operation: groupby + backup: + aggregations: [] + operation: groupby + job: + aggregations: [] + operation: groupby + type: + aggregations: [] + operation: groupby + type: table + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + fillOpacity: 80 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineWidth: 1 + scaleDistribution: + type: linear + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 29 + id: 30 + interval: 1d + options: + barRadius: 0 + barWidth: 0.97 + groupWidth: 0.85 + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + orientation: auto + showValue: auto + stacking: normal + tooltip: + mode: single + sort: none + xTickLabelRotation: 0 + xTickLabelSpacing: 100 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_backups_total{job=~"$job", instance=~"$instance"}[24h])) by (type) > 0 + legendFormat: __auto + range: true + refId: A + title: Backup runs + type: barchart + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + unit: binBps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 29 + id: 31 + options: + legend: + calcs: + - max + - mean + displayMode: list + placement: right + showLegend: false + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rollup_rate(vm_backups_uploaded_bytes_total[$__rate_interval])) by (rollup) + legendFormat: __auto + range: true + refId: A + title: Backups upload speed + type: timeseries + title: Backups + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 13 + id: 18 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Max duration of retention run. Lower better. + + + Retention is a process of removing old backups from remote storage.' + fieldConfig: + defaults: + color: + mode: thresholds + custom: + axisLabel: '' + axisPlacement: auto + fillOpacity: 80 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineWidth: 1 + scaleDistribution: + type: linear + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 38 + id: 26 + interval: 1h + options: + barRadius: 0 + barWidth: 0.97 + groupWidth: 0.7 + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + orientation: auto + showValue: auto + stacking: none + tooltip: + mode: single + sort: none + xTickLabelRotation: 0 + xTickLabelSpacing: 0 + pluginVersion: 9.0.4 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(increase(vm_retention_duration_seconds_total{job=~"$job", instance=~"$instance"})) > 0 + legendFormat: __auto + range: true + refId: A + title: Max retention duration + type: barchart + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 38 + id: 25 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_retention_errors_total{job=~"$job", instance=~"$instance"})[$__interval]) by (instance) > 0 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Retention errors + type: timeseries + title: Retention + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 14 + id: 34 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Duration of backup run. Lower better. + + + Each backup starts with data upload during `latest` backup. Subsequent backups (`hourly`, `daily`, `weekly`, `monthly`) are copying date by using server-side copy. + + ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisLabel: '' + axisPlacement: auto + fillOpacity: 80 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineWidth: 1 + scaleDistribution: + type: linear + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 11 + w: 24 + x: 0 + 'y': 39 + id: 36 + interval: 1h + options: + barRadius: 0 + barWidth: 0.97 + groupWidth: 0.7 + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + orientation: auto + showValue: auto + stacking: none + tooltip: + mode: single + sort: none + xTickLabelRotation: 0 + xTickLabelSpacing: 100 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: increase(vm_backup_duration_seconds_total{job=~"$job", instance=~"$instance"}) > 0 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Backup duration per instance + type: barchart + title: Drilldown + type: row +refresh: 1m +schemaVersion: 39 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: + selected: true + text: VictoriaMetrics + value: VictoriaMetrics + hide: 0 + includeAll: false + multi: false + name: ds + options: [] + query: {{ $defaultDatasource }} + queryValue: '' + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - allValue: .* + current: {} + datasource: + uid: $ds + definition: label_values(vm_app_version{version=~"^vmbackupmanager.*"}, job) + hide: 0 + includeAll: true + multi: true + name: job + options: [] + query: + query: label_values(vm_app_version{version=~"^vmbackupmanager.*"}, job) + refId: StandardVariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 0 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - allValue: .* + current: {} + datasource: + uid: $ds + definition: label_values(vm_app_version{job=~"$job"}, instance) + hide: 0 + includeAll: true + multi: true + name: instance + options: [] + query: + query: label_values(vm_app_version{job=~"$job"}, instance) + refId: VictoriaMetrics-instance-Variable-Query + refresh: 1 + regex: '' + skipUrlSync: false + sort: 0 + tagValuesQuery: '' + tagsQuery: '' + type: query + useTags: false + - datasource: + type: prometheus + uid: $ds + filters: [] + hide: 0 + name: adhoc + skipUrlSync: false + type: adhoc +time: + from: now-7d + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - backupmanager +uid: gF-lxRdVz +version: 1 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-cluster.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-cluster.yaml new file mode 100644 index 0000000..0c19606 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-cluster.yaml @@ -0,0 +1,8342 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(ALERTS{job=~"$job", instance=~"$instance", alertgroup="vmcluster",alertstate="firing",show_at="dashboard"}) by(alertname) + hide: false + iconColor: red + name: alerts + titleFormat: '{{`{{`}}alertname{{`}}`}}' + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(version) unless (sum(vm_app_version{job=~"$job", instance=~"$instance"} offset $__interval) by(version)) + hide: true + iconColor: dark-blue + name: version change + textFormat: '{{`{{`}}version{{`}}`}}' + titleFormat: Version change + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__interval])) by(job) + hide: false + iconColor: dark-yellow + name: restarts + textFormat: '{{`{{`}}job{{`}}`}} restarted' +condition: {{ ($Values.vmcluster).enabled }} +description: Overview for cluster VictoriaMetrics v1.117.0 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +id: 1 +links: +- icon: doc + tags: [] + targetBlank: true + title: Cluster Wiki + type: link + url: https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/ +- icon: external link + tags: [] + targetBlank: true + title: Found a bug? + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/issues +- icon: external link + tags: [] + targetBlank: true + title: New releases + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/releases +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 137 + panels: [] + title: Stats + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) are in storage + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 0 + 'y': 1 + id: 131 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(vm_rows{job=~"$job_storage", type!~"indexdb.*"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Total datapoints + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the datapoints ingestion rate, including replication factor. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 6 + 'y': 1 + id: 124 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vm_vminsert_metrics_read_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + range: false + refId: A + title: Ingestion rate + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of HTTP read requests. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: req/s + overrides: [] + gridPos: + h: 3 + w: 6 + x: 12 + 'y': 1 + id: 130 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_http_requests_total{job=~"$job", instance=~"$instance", path=~"/select/.*"}[$__rate_interval])) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Read requests + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Total number of available CPUs for all VM components. ' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 18 + 'y': 1 + id: 126 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_available_cpu_cores{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available CPU + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series) with new data points inserted during the last hour. High value may result in ingestion slowdown. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 0 + 'y': 4 + id: 34 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(vm_cache_entries{job=~"$job", instance=~"$instance", type="storage/hour_metric_ids"}[1h])) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Active series + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total amount of used disk space + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 6 + x: 6 + 'y': 4 + id: 35 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: false + expr: sum(vm_data_size_bytes{job=~"$job_storage"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Disk space usage + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Average disk usage per datapoint. + fieldConfig: + defaults: + color: + mode: thresholds + decimals: 2 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 6 + x: 12 + 'y': 4 + id: 112 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(vm_data_size_bytes{job=~"$job_storage"}) / sum(vm_rows{job=~"$job_storage", type!~"indexdb.*"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Bytes per point + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total size of available memory for all VM components. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 6 + x: 18 + 'y': 4 + id: 128 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_available_memory_bytes{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available memory + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + minWidth: 50 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Value + properties: + - id: displayName + value: Count + gridPos: + h: 5 + w: 8 + x: 0 + 'y': 7 + id: 149 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: true + displayName: Count + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(job, short_version) + format: table + instant: true + range: false + refId: A + title: '' + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 5 + w: 16 + x: 8 + 'y': 7 + id: 62 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(min_over_time(up{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job) + format: time_series + instant: false + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Uptime ($job) + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 12 + id: 10 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) are inserted into cluster per second by protocol before the replication. Check vminsert metrics if there are any issues with ingestion. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineStyle: + fill: solid + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 13 + id: 2 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (type) > 0 + interval: '' + legendFormat: '{{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Datapoints ingestion rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '* `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 13 + id: 6 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_http_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}path{{`}}`}}' + range: true + refId: A + title: Requests rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series) with new data points inserted during the last hour across all storage nodes. High value may result in ingestion slowdown and high memory usage. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 21 + id: 12 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(vm_cache_entries{job=~"$job", instance=~"$instance", type="storage/hour_metric_ids"}) + format: time_series + intervalFactor: 1 + legendFormat: Active time series + refId: A + title: Active time series ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'The less time it takes is better. + + * `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 21 + id: 8 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_request_duration_seconds{job=~"$job", instance=~"$instance", quantile="0.99"}) by (path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}path{{`}}`}}' + range: true + refId: A + title: Query duration 0.99 quantile ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '* `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 29 + id: 52 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_http_request_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job, path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}path{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Requests error rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of logging the messages by their level. Unexpected spike in rate is a good reason to check logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=203&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 29 + id: 104 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_log_messages_total{job=~"$job",instance=~"$instance", level!="info"}[$__rate_interval])) by (job, level) > 0 + format: time_series + hide: false + interval: 5m + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}} - {{`{{`}}level{{`}}`}}' + range: true + refId: A + title: Logging rate + type: timeseries +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 37 + id: 46 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Percentage of used RSS memory (resident). + + The RSS memory shows the amount of memory recently accessed by the application. It includes anonymous memory and data from recently accessed files (aka page cache). + + The application''s performance will significantly degrade when memory usage is close to 100%. + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=189&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2293 + id: 66 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS memory % usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=192&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2293 + id: 64 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job", instance=~"$instance"} + ) by(job) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: CPU ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80% + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=190&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2301 + id: 138 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS anonymous memory % usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows CPU pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2301 + id: 219 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_cpu_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_cpu_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - stalled' + range: true + refId: B + title: CPU pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows memory pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2309 + id: 220 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_memory_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_memory_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - stalled' + range: true + refId: B + title: Memory pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of bytes read/write from the storage layer. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: Bps + overrides: + - matcher: + id: byRegexp + options: /read .*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2309 + id: 122 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(process_io_storage_read_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: read {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: write {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Disk writes/reads ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percentage of open file descriptors compared to the limit set in the OS. + + Reaching the limit of open files can cause various issues and must be prevented. + + + See how to change limits here https://medium.com/@muhammadtriwibowo/set-permanently-ulimit-n-open-files-in-ubuntu-4d61064429a' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byRegexp + options: /max.*/ + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2317 + id: 117 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_open_fds{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_max_fds{job=~"$job", instance=~"$instance"} + ) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Open FDs usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of read/write syscalls such as read, pread, write, pwrite. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /read .*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2317 + id: 204 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(process_io_read_syscalls_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: read {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_write_syscalls_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: write {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Disk write/read calls ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2325 + id: 68 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(go_goroutines{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Goroutines ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows IO pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2325 + id: 221 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_io_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(process_pressure_io_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}job{{`}}`}} - stalled' + range: true + refId: B + title: IO pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2333 + id: 70 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(process_num_threads{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Threads ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2333 + id: 119 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(vm_tcplistener_conns{job=~"$job", instance=~"$instance"}[$__interval])) by(job) + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: TCP connections ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percent of CPU spent on garbage collection. + + + If % is high, then CPU usage can be decreased by changing GOGC to higher values. Increasing GOGC value will increase memory usage, and decrease CPU usage. + + + Try searching for keyword `GOGC` at https://docs.victoriametrics.com/victoriametrics/troubleshooting/ ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2341 + id: 210 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(go_gc_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval]) \n / rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])\n ) by(job)" + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: CPU spent on GC ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2341 + id: 120 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_tcplistener_accepts_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: TCP connections rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of allocations in memory. Sudden increase in allocations would mean increased pressure on Go Garbage Collector and can saturate CPU resources of the application. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2349 + id: 218 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(rate(go_memstats_alloc_bytes_total{job=~"$job"}[$__rate_interval])) by (job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Memory allocations rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the time goroutines have spent in runnable state before actually running. The lower is better.\n\nHigh values or values exceeding the threshold is usually a sign of insufficient CPU resources or CPU throttling. \n\nVerify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.1 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2349 + id: 213 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job, instance, le))) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Go scheduling latency + type: timeseries + title: Resource usage ($job) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 38 + id: 106 + panels: + - description: '' + fieldConfig: + defaults: {} + overrides: [] + gridPos: + h: 2 + w: 24 + x: 0 + 'y': 1519 + id: 211 + options: + code: + language: plaintext + showLineNumbers: false + showMiniMap: false + content: See [Troubleshooting](https://docs.victoriametrics.com/victoriametrics/troubleshooting/) docs. + mode: markdown + pluginVersion: 11.5.0 + title: '' + transparent: true + type: text + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the rate and total number of new series created over last 24h. + + + High [churn rate](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-high-churn-rate) tightly connected with database performance and may result in unexpected OOM''s or slow queries. It is recommended to always keep an eye on this metric to avoid unexpected [cardinality](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#cardinality) "explosions". + + + The higher churn rate is, the more resources required to handle it. Consider to keep the churn rate as low as possible. + + + To investigate stats about most expensive series use `api/v1/status/tsdb` handler. More details here https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#url-format + + + Good references to read: + + * https://www.robustperception.io/cardinality-is-key + + * https://valyala.medium.com/high-cardinality-tsdb-benchmarks-victoriametrics-vs-timescaledb-vs-influxdb-13e6ee64dd6b' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: new series over 24h + properties: + - id: custom.axisPlacement + value: right + - id: custom.axisSoftMin + value: 0 + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1521 + id: 102 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(rate(vm_new_timeseries_created_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) + interval: '' + legendFormat: churn rate + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(increase(vm_new_timeseries_created_total{job=~"$job_storage", instance=~"$instance"}[24h])) + hide: false + interval: '' + legendFormat: new series over 24h + refId: B + title: Churn rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "The percentage of [slow inserts](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-a-slow-insert) compared to the total ingestion rate. \n\nThe lower the better. \n\nIn short, slow insert is a cache miss. There are following reasons for slow inserts to go up: \n* Ingestion of completely new, not seen before time series;\n* [Re-routing](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#cluster-availability) of series when one or more vmstorage nodes are unavailable;\n* Not enough memory to maintain big enough caches for the current workload.\n\nIf percentage remains high (>10%) during extended periods of time, then it is likely more RAM is needed for optimal handling of the current number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series). \n\nSee [this issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3976#issuecomment-1476883183) for details." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line+area + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + value: null + - color: red + value: 0.1 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1521 + id: 108 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(vm_slow_row_inserts_total{job=~\"$job_storage\"}[$__rate_interval]) \n / rate(vm_rows_added_to_storage_total{job=~\"$job_storage\"}[$__rate_interval])\n)" + interval: '' + legendFormat: slow inserts + range: true + refId: A + title: Slow inserts + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Merge assist happens when vmstorage can't keep up with merging parts. This is usually a sign of overload for vmstorage. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1529 + id: 170 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(increase(vm_assisted_merges_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) by(type) > 0 + format: time_series + interval: 5m + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Assisted merges ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows % of slow queries according to `search.logSlowQueryDuration` flag, which is `5s` by default. + + + The less value is better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1529 + id: 107 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + sum(rate(vm_slow_queries_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) + / + sum(rate(vm_http_requests_total{job=~"$job_select", instance=~"$instance", path=~"/select/.*"}[$__rate_interval])) + interval: '' + legendFormat: slow queries % + range: true + refId: A + title: Slow queries % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the percentage of used cache size from the allowed size by type. \nValues close to 100% show the maximum potential utilization.\nValues close to 0% show that cache is underutilized." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 1537 + id: 144 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: "max(\n vm_cache_size_bytes{job=~\"$job\", instance=~\"$instance\"} \n /\n vm_cache_size_max_bytes{job=~\"$job\", instance=~\"$instance\"}\n) by(type)" + interval: '' + legendFormat: __auto + range: true + refId: A + title: Cache usage % by type ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows cache miss ratio. Lower is better. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + max: 1 + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 1537 + id: 58 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + rate(vm_cache_misses_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + rate(vm_cache_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + ) by(type) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Cache miss ratio ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The value is above 0 when the vmstorage at the given `addr` communicates to the given vminsert node that it cannot accept new data because it is in the read-only mode. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1546 + id: 142 + links: + - targetBlank: true + title: Readonly mode + url: https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#readonly-mode + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_rpc_vmstorage_is_read_only{job=~"$job_insert", instance=~"$instance"}) by(instance, addr) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} => {{`{{`}}addr{{`}}`}}' + range: true + refId: A + title: Storage in readonly status for vminsert ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows rate of deduplicated samples during [deduplication](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#deduplication) or [downsampling](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#downsampling), according to the configured `-dedup.minScrapeInterval` or `-downsampling.period`. + + + Should be empty if `-dedup.minScrapeInterval` and `-downsampling.period` isn''t set. + + + Deduplication happens in two places: + + * `type="merge"` - during [background merges](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#storage) by vmstorages. Deduplication during merges is permanent. + + * `type="select"` - during [read queries](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#query-data) by vmselects. Deduplication happens in-flight and has no permanent effect. + + + The more samples need to be deduplicated, the higher will be resource usage on vmselects or vmstorages.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1546 + id: 215 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_deduplicated_samples_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) >0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Deduplication rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows how many samples were ignored or dropped on insertion due to various reasons: + + * timestamp out of retention period or timestamp in future; + + * invalid metric name; + + * exceeding limit for labels length or number; + + * dropped by [relabeling configuration](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#relabeling).' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1554 + id: 135 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(increase(vm_rows_ignored_total{job=~"$job", instance=~"$instance"}[1h])) by (reason) + hide: false + interval: '' + legendFormat: __auto + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_relabel_metrics_dropped_total{job=~"$job", instance=~"$instance"}[1h])) + hide: false + instant: false + legendFormat: relabeling + range: true + refId: B + title: Samples dropped for last 1h ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of partial results served by `vmselects`. + + + `vmselect` continues serving queries if at least a single vmstorage nodes is available. It marks responses as `partial` for queries served from the remaining healthy vmstorage nodes. + + + If you prefer consistency over availability then run vmselect nodes with `-search.denyPartialResponse` cmd-line flag. In this case vmselect returns an error if at least a single vmstorage node is unavailable. + + + See more at [cluster availability](https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#cluster-availability).' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1554 + id: 217 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_partial_results_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) > 0 + format: time_series + instant: false + legendFormat: partial results + refId: A + title: Partial query results ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Value + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1562 + id: 183 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: true + displayName: job + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{is_set="true", job=~"$job", instance=~"$instance"}) by(job, instance, name, value) + format: table + instant: true + legendFormat: __auto + range: false + refId: A + title: Non-default flags + transformations: + - id: groupBy + options: + fields: + instance: + aggregations: + - uniqueValues + operation: aggregate + job: + aggregations: [] + operation: groupby + name: + aggregations: [] + operation: groupby + value: + aggregations: [] + operation: groupby + type: table + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of restarts per job. The chart can be useful to identify periodic process restarts and correlate them with potential issues or anomalies. Normally, processes shouldn''t restart unless restart was inited by user. The reason of restarts should be figured out by checking the logs of each specific service. ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1562 + id: 214 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + format: time_series + instant: false + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Restarts ($job) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: ${ds} + description: 'Shows the amount of data scheduled for [downsampling](https://docs.victoriametrics.com/#downsampling) or [retention filters](https://docs.victoriametrics.com/#retention-filters). + + + Applying downsampling or retention filters happens in background. `vmstorage` schedules this process periodically when finds data partitions that satisfy configured retention or downsampling rules. + + + This process could consume additional CPU and Disk IO resources.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1570 + id: 222 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: single + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: ${ds} + editorMode: code + expr: sum(vm_downsampling_partitions_scheduled_size_bytes{job=~"$job", instance=~"$instance"}) > 0 + legendFormat: downsampling + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: ${ds} + editorMode: code + expr: sum(vm_retention_partitions_scheduled_size_bytes{job=~"$job", instance=~"$instance"}) > 0 + hide: false + instant: false + legendFormat: retention filters + range: true + refId: B + title: Partitions scheduled for re-processing + type: timeseries + title: Troubleshooting + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 39 + id: 48 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows number of pushed and sent rows. \n* `Pushed rows` - rows added to internal inserter buffers before send\n* `Sent rows` - successfully transmitted rows to storage nodes\n\nPlease note, it could be that `Sent > Pushed` because of the replication factor." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 4941 + id: 76 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rpc_rows_pushed_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: Pushed + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rpc_rows_sent_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: Sent + range: true + refId: E + title: Rows ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Rate of RPC errors by type: + + * `Connection` - the number of connection errors to vmstorage node + + * `Dial` - the number of dial errors to vmstorage node. + + * `Handshake` - the number of handshake errors to vmstorage node + + * `Rerouted` - errors appeared during rerouting of rows from un-healthy storage node to a healthy one.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 4941 + id: 86 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rpc_connection_errors_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: Connection + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(rate(vm_rpc_dial_errors_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: Dial + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(rate(vm_rpc_handshake_errors_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: Handshake + refId: E + title: RPC errors ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of rows rerouted to the vmstorage node from other nodes when they were unhealthy. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: rps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4950 + id: 80 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_rpc_rows_rerouted_to_here_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(addr) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: 'Rows ($instance) rerouted to ' + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of rows rerouted from the vmstorage node to healthy nodes when the given node was unhealthy. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: rps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4950 + id: 78 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(rate(vm_rpc_rows_rerouted_from_here_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(addr) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}addr{{`}}`}}' + refId: A + title: Rows ($instance) rerouted from + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of rows or bytes that vminsert internal buffer contains at the moment. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: bytes + properties: + - id: unit + value: bytes + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4958 + id: 82 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(vm_rpc_buf_pending_bytes{job=~"$job", instance=~"$instance"}) + legendFormat: bytes + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(vm_rpc_rows_pending{job=~"$job", instance=~"$instance"}) + legendFormat: rows + refId: B + title: Pending + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Network usage by internal VictoriaMetrics RPC protocol + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4958 + id: 74 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcpdialer_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) * 8 + legendFormat: network usage + range: true + refId: A + title: RPC network usage ($instance) + type: timeseries + title: Interconnection ($job) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 40 + id: 24 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of datapoints ingested into storage nodes per second. This metric doesn't show all stored datapoints since some of them may be dropped because of wrong timestamps or decode errors. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2387 + id: 100 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_vminsert_metrics_read_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) + format: time_series + intervalFactor: 1 + legendFormat: ingestion rate + range: true + refId: A + title: Ingestion rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80% + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=190&var-job=$job_storage&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 2387 + id: 167 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + min( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + quantile(0.5, + max_over_time(process_resident_memory_anon_bytes{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: Memory (anon) usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of concurrently executed read requests, where: + + * `max` - equal to `-search.maxConcurrentRequest` cmd-line flag; + + * `current` - current number of concurrent select requests executed by storage. + + + Each concurrent select request requires RAM, CPU and disk IO resources during processing. Too many concurrent requests could result into OOM exceptions. + + + When `current` hits `max` constantly, it means storage is overloaded and requires more CPU (see CPU usage) or disks with more IOPS (see disk writes and reads panels in Resource Usage row). + + + See more at https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#resource-usage-limits' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2394 + id: 133 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: "max(\n max_over_time(vm_vmselect_concurrent_requests_current{job=~\"$job_storage\", \n instance=~\"$instance\"}[$__rate_interval])\n)" + interval: '' + legendFormat: current + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: min(vm_vmselect_concurrent_requests_capacity{job=~"$job_storage", instance=~"$instance"}) + hide: false + interval: '' + legendFormat: max + range: true + refId: B + title: Concurrent selects ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=192&var-job=$job_storage&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 2395 + id: 151 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + min( + rate(process_cpu_seconds_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + quantile(0.5, + rate(process_cpu_seconds_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_storage", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: CPU usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows how many ongoing insertions (not API /write calls) on disk are taking place, where:\n* `max` - equal to number of CPUs;\n* `current` - current number of goroutines busy with inserting rows into underlying storage.\n\nEvery successful API /write call results into flush on disk. The `max` is an internal limit and can't be changed. It is always equal to the number of CPUs. \n\nWhen `current` hits `max` constantly, it means storage is overloaded and requires more CPU (see CPU usage) or disks with more IOPS (see disk writes and reads panels in Resource Usage row)." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2402 + id: 212 + links: + - targetBlank: true + title: Related discussion + url: https://github.com/VictoriaMetrics/VictoriaMetrics/issues/632 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: "max(\n max_over_time(vm_concurrent_insert_current{job=~\"$job_storage\", \n instance=~\"$instance\"}[$__rate_interval])\n)" + interval: '' + legendFormat: current + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: min(vm_concurrent_insert_capacity{job=~"$job_storage", instance=~"$instance"}) + hide: false + interval: '' + legendFormat: max + range: true + refId: B + title: Concurrent flushes on disk ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of rows merged per second by storage nodes. Merge speed depends on available CPU and disk IO bandwidth. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2402 + id: 55 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rows_merged_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) by(type) + legendFormat: __auto + range: true + refId: A + title: Merge speed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "The max number of on-going merges across storage nodes.\n The drastic change in number of merges could be a sign of on-going deduplication/downsampling activity.\n It is expected to have high numbers for `storage/small` metric." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2410 + id: 54 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(max_over_time(vm_active_merges{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) by(type) + legendFormat: __auto + range: true + refId: A + title: Active merges ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'The max number of data parts of LSM tree across all storage nodes in the last [partition](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#storage). + + Increase in number of parts (the hard limit is 512) is an evidence of slow merge performance - check the resource utilization. + + * `indexdb` - inverted index + + * `storage/small` - recently added parts of data ingested into storage (hot data) + + * `storage/big` - small parts gradually merged into bigger parts (cold data)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2410 + id: 22 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_parts{job=~"$job_storage", instance=~"$instance", type=~"indexdb.*"}) by(type) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_last_partition_parts{job=~"$job_storage", instance=~"$instance"}) by(type) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: B + title: LSM parts max by type ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the percentage of used disk space. It is recommended to have at least 20% of free disk space for the best performance. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=200&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2418 + id: 20 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) /\n (\n sum(vm_free_disk_space_bytes{job=~\"$job\", instance=~\"$instance\"}-vm_free_disk_space_limit_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) +\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance)\n ) \n)" + format: time_series + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "min(\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) /\n (\n sum(vm_free_disk_space_bytes{job=~\"$job\", instance=~\"$instance\"}-vm_free_disk_space_limit_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) +\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance)\n ) \n)" + format: time_series + hide: false + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "quantile(0.5,\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) /\n (\n sum(vm_free_disk_space_bytes{job=~\"$job\", instance=~\"$instance\"}-vm_free_disk_space_limit_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance) +\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance)\n ) \n)" + format: time_series + hide: false + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: Disk space usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many data points are in RAM queue waiting to be written into storage. The number of pending data points should be in the range from 0 to `5*`, since VictoriaMetrics pushes pending data to persistent storage every 5 seconds. The index datapoints value in general is much lower. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: pending index entries + properties: + - id: unit + value: none + - id: decimals + value: 3 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2418 + id: 14 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(max_over_time(vm_pending_rows{job=~"$job_storage", instance=~"$instance", type="storage"}[$__rate_interval])) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: pending datapoints + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(max_over_time(vm_pending_rows{job=~"$job_storage", instance=~"$instance", type="indexdb"}[$__rate_interval])) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: pending index entries + range: true + refId: B + title: Pending datapoints ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percentage of used disk space by type: datapoints or indexdb. Normally, indexdb takes much less space comparing to datapoints. But with high [churn rate](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-high-churn-rate) the size of the indexdb could grow significantly. + + + The sum of the % can be > 100% since panel shows max % per-job and per-instance. It means different instance can have different ratio between datapoints and indexdb size.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=201&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2426 + id: 202 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\", type=~\"indexdb.*\"}) by(job, instance)\n / \n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance)\n)" + format: time_series + intervalFactor: 1 + legendFormat: indexdb + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\", type!~\"indexdb.*\"}) by(job, instance)\n / \n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\"}) by(job, instance)\n)" + format: time_series + hide: false + intervalFactor: 1 + legendFormat: datapoints + range: true + refId: B + title: Disk space usage % by type ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Value > 0 means vmstorage is in readonly mode. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2426 + id: 141 + links: + - targetBlank: true + title: Readonly mode + url: https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#readonly-mode + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: vm_storage_is_read_only{job=~"$job_storage", instance=~"$instance"} > 0 + interval: '' + legendFormat: '{{`{{`}} instance {{`}}`}}' + range: true + refId: A + title: Readonly mode + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows network usage by vmstorage services. + + * Writes show traffic sent to clients. + + * Reads show traffic received from clients.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 2434 + id: 206 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_read_bytes_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) by(name) * 8 > 0 + format: time_series + intervalFactor: 1 + legendFormat: read from {{`{{`}}name{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_written_bytes_total{job=~"$job_storage", instance=~"$instance"}[$__rate_interval])) by(name) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write to {{`{{`}}name{{`}}`}} + range: true + refId: B + title: Network usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the max number of existing [snapshots](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#how-to-work-with-snapshots) across vmstorages. + + + Recently made snapshots do not occupy disk space. But with time, as snapshots become older, they start to occupy more and more disk space. + + + It is recommended deleting old snapshots when they are no longer needed to free up disk space.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 2434 + id: 216 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max(vm_snapshots{job=~"$job_storage", instance=~"$instance"}) + interval: '' + legendFormat: snapshots + range: true + refId: A + title: Number of snapshots + type: timeseries + title: vmstorage ($instance) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 41 + id: 42 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Request rate accepted by vmselect nodes + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4954 + id: 92 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_http_requests_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) by (path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Requests rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the max number of concurrent selects across instances. + + * `max` limit can be configured via `search.maxConcurrentRequests` flag + + * `current` shows the current number of goroutines busy with processing requests + + + When `current` hits `max` constantly, it means one or more vmselect nodes are overloaded with number of requests. If you observe that CPU for vmselects is saturated, consider adding more vmselect replicas or increase CPU resources. If CPU and Memory panels show a plenty of free resources - try increasing `-search.maxConcurrentRequests`. Please note, the higher is `-search.maxConcurrentRequests`, the higher could be [peak memory usage](https://docs.victoriametrics.com/victoriametrics/troubleshooting/#out-of-memory-errors).' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4954 + id: 95 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(max_over_time(vm_concurrent_select_current{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: current + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: min(vm_concurrent_select_capacity{job=~"$job_select", instance=~"$instance"}) + format: time_series + intervalFactor: 1 + legendFormat: max + refId: B + title: Concurrent selects ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=192&var-job=$job_select&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4962 + id: 163 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + min( + rate(process_cpu_seconds_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + quantile(0.5, + rate(process_cpu_seconds_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: CPU usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80% + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=190&var-job=$job_select&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4962 + id: 165 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + min( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + quantile(0.5, + max_over_time(process_resident_memory_anon_bytes{job=~"$job_select", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_select", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: Memory (anon) usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of the number of time series read per query. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4970 + id: 178 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(histogram_quantile(0.99, sum(rate(vm_series_read_per_query_bucket{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: series + range: true + refId: A + title: Series read per query ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) read per queried time series. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4970 + id: 180 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(histogram_quantile(0.99, sum(rate(vm_rows_read_per_series_bucket{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: datapoints + range: true + refId: A + title: Datapoints read per series ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) read per query. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4978 + id: 179 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(histogram_quantile(0.99, sum(rate(vm_rows_read_per_query_bucket{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: datapoints + range: true + refId: A + title: Datapoints read per query ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) scanner per query. + + + This number can exceed number of DatapointsReadPerQuery if `step` query arg passed to [/api/v1/query_range](https://prometheus.io/docs/prometheus/latest/querying/api/#range-queries) is smaller than the lookbehind window set in square brackets of [rollup function](https://docs.victoriametrics.com/victoriametrics/metricsql/#rollup-functions). For example, if `increase(some_metric[1h])` is executed with the `step=5m`, then the same [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) on a hour time range are scanned `1h/5m=12` times. See [this article](https://valyala.medium.com/how-to-optimize-promql-and-metricsql-queries-85a1b75bf986) for details.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4978 + id: 181 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(histogram_quantile(0.99, sum(rate(vm_rows_scanned_per_query_bucket{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: datapoints + range: true + refId: A + title: Datapoints scanned per query ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows network usage between vmselects and clients, such as vmalert, Grafana, vmui, etc. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4986 + id: 93 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_read_bytes_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + intervalFactor: 1 + legendFormat: read from client + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_written_bytes_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write to client + range: true + refId: B + title: 'Network usage: clients ($instance)' + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows network usage between vmselects and vmstorages. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4986 + id: 207 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcpdialer_read_bytes_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + intervalFactor: 1 + legendFormat: read from vmstorage + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcpdialer_written_bytes_total{job=~"$job_select", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write to vmstorage + range: true + refId: B + title: 'Network usage: vmstorage ($instance)' + type: timeseries + title: vmselect ($instance) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 42 + id: 40 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '* `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4955 + id: 97 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_http_requests_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) by (path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Requests rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the max number of ongoing insertions. + + * `max` - equal to number of CPU * 2 by default. May be configured with `maxConcurrentInserts` flag; + + * `current` - current number of goroutines busy with processing requests. + + + `-maxConcurrentInserts` limits the number of insert requests which may be actively processed at any given point in time. All the other insert requests are queued for up to `-insert.maxQueueDuration` in the hope they will get a chance to be processed. This queue is used mostly for absorbing spikes for incoming insert request rate. + + + When `current` hits `max` constantly, it means vminsert node is overloaded and requires more CPU or higher limits.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + - id: custom.fillOpacity + value: 0 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4955 + id: 99 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(max_over_time(vm_concurrent_insert_current{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: current + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: min(vm_concurrent_insert_capacity{job=~"$job_insert", instance=~"$instance"}) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + refId: B + title: Concurrent inserts ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=192&var-job=$job_insert&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4963 + id: 185 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + min( + rate(process_cpu_seconds_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + quantile(0.5, + rate(process_cpu_seconds_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: CPU usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80% + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: + - targetBlank: true + title: Drilldown + url: /d/oS7Bi_0Wz?viewPanel=190&var-job=$job_insert&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4963 + id: 187 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + min( + max_over_time(process_resident_memory_anon_bytes{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: min + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + quantile(0.5, + max_over_time(process_resident_memory_anon_bytes{job=~"$job_insert", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job_insert", instance=~"$instance"} + ) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: median + range: true + refId: C + title: Memory (anon) usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the saturation level of connection between vminsert and vmstorage components. \n\nIf the threshold of 0.9sec is reached, then the connection is saturated by more than 90% and vminsert won't be able to keep up. This usually means that either vminsert or vmstorage nodes are struggling with the load. Verify CPU/mem saturation of both components and network saturation between them.\nIf vminsert resources are saturated - consider adding more resources or scale vminserts horizontally.\n\nIf vminsert resources and network are fine, check vmstorage metrics for anomalies." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line+area + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4971 + id: 139 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max(rate(vm_rpc_send_duration_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(addr) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Storage connection saturation ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows when vmstorage node is unreachable for vminsert. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4971 + id: 114 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: vm_rpc_vmstorage_is_reachable{job=~"$job", instance=~"$instance"} != 1 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} => {{`{{`}}addr{{`}}`}}' + range: true + refId: A + title: Storage reachability ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows network usage between vminserts and clients, such as vmagent, Prometheus, or any other client pushing metrics to vminsert. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 4979 + id: 208 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_read_bytes_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + intervalFactor: 1 + legendFormat: read from client + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_written_bytes_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write to client + range: true + refId: B + title: 'Network usage: clients ($instance)' + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows network usage between vminserts and vmstorages. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4979 + id: 209 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcpdialer_read_bytes_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + intervalFactor: 1 + legendFormat: read from vmstorage + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcpdialer_written_bytes_total{job=~"$job_insert", instance=~"$instance"}[$__rate_interval])) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write to vmstorage + range: true + refId: B + title: 'Network usage: vmstorage ($instance)' + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 4987 + id: 88 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(increase(vm_rows_per_insert_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange))) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: max + range: true + refId: A + title: Rows per insert ($instance) + type: timeseries + title: vminsert ($instance) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 43 + id: 194 + panels: + - fieldConfig: + defaults: {} + overrides: [] + gridPos: + h: 2 + w: 24 + x: 0 + 'y': 5004 + id: 198 + options: + code: + language: plaintext + showLineNumbers: false + showMiniMap: false + content: Drilldown row is used by other panels on the dashboard to show more detailed metrics per-instance. + mode: markdown + pluginVersion: 9.2.7 + title: '' + transparent: true + type: text + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the used memory (resident). + + The application''s performance will significantly degrade when memory usage is close to 100%.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 5006 + id: 189 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: RSS memory usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: RSS share for memory allocated by the process itself. This share cannot be freed by the OS, so it must be taken into account by OOM killer. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 5006 + id: 190 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max_over_time(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: RSS anonymous memory usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 5014 + id: 192 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: CPU usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the approx time needed to reach 100% of disk capacity based on the following params: + + * free disk space (after -storage.minFreeDiskSpaceBytes); + + * row ingestion rate; + + * compression.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 5014 + id: 196 + options: + legend: + calcs: + - mean + - lastNotNull + - min + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "(vm_free_disk_space_bytes{job=~\"$job_storage\", instance=~\"$instance\"}-vm_free_disk_space_limit_bytes{job=~\"$job_storage\", instance=~\"$instance\"}) \n/ \nignoring(path) (\n (rate(vm_rows_added_to_storage_total{job=~\"$job_storage\", instance=~\"$instance\"}[1d]) - \n sum(rate(vm_deduplicated_samples_total{job=~\"$job_storage\", instance=~\"$instance\"}[1d])) without (type)) * \n (\n sum(vm_data_size_bytes{job=~\"$job_storage\", instance=~\"$instance\", type!~\"indexdb.*\"}) without(type) /\n sum(vm_rows{job=~\"$job_storage\", instance=~\"$instance\", type!~\"indexdb.*\"}) without(type)\n )\n +\n rate(vm_new_timeseries_created_total{job=~\"$job_storage\", instance=~\"$instance\"}[1d]) * \n (\n sum(vm_data_size_bytes{job=~\"$job_storage\", instance=~\"$instance\", type=\"indexdb/file\"}) /\n sum(vm_rows{job=~\"$job_storage\", instance=~\"$instance\", type=\"indexdb/file\"})\n )\n) > 0" + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Storage full ETA ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the percentage of used disk space. It is recommended to have at least 20% of free disk space for the best performance. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 5021 + id: 200 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance"}) by(job, instance) + format: time_series + intervalFactor: 1 + legendFormat: '' + range: true + refId: A + title: Disk space usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 5021 + id: 201 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance", type=~"indexdb.*"}) by(job, instance) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}}:{{`{{`}}instance{{`}}`}} (indexdb)' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance", type!~"indexdb.*"}) by(job, instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}}:{{`{{`}}instance{{`}}`}} (datapoints)' + range: true + refId: B + title: Disk space usage by type ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of logging the messages by their level. Unexpected spike in rate is a good reason to check logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 5029 + id: 203 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_log_messages_total{job=~"$job",instance=~"$instance", level!="info"}[$__rate_interval])) by (job, instance, level, location) > 0 + format: time_series + hide: false + interval: 5m + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Logging rate + type: timeseries + title: Drilldown + type: row +preload: false +refresh: '' +schemaVersion: 40 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: + text: VictoriaMetrics - cluster + value: PAF93674D0B4E9963 + includeAll: false + name: ds + options: [] + query: {{ $defaultDatasource }} + refresh: 1 + regex: '' + type: datasource + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{version=~"^vm(insert|select|storage).*"}, job) + includeAll: true + multi: true + name: job + options: [] + query: + query: label_values(vm_app_version{version=~"^vm(insert|select|storage).*"}, job) + refId: VictoriaMetrics-job-Variable-Query + refresh: 1 + regex: '' + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job", version=~"^vminsert.*"}, job) + hide: 2 + includeAll: true + multi: true + name: job_insert + options: [] + query: + query: label_values(vm_app_version{job=~"$job", version=~"^vminsert.*"}, job) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job", version=~"^vmselect.*"}, job) + hide: 2 + includeAll: true + multi: true + name: job_select + options: [] + query: + query: label_values(vm_app_version{job=~"$job", version=~"^vmselect.*"}, job) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job", version=~"^vmstorage.*"}, job) + hide: 2 + includeAll: true + multi: true + name: job_storage + options: [] + query: + query: label_values(vm_app_version{job=~"$job", version=~"^vmstorage.*"}, job) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job"}, instance) + includeAll: true + multi: true + name: instance + options: [] + query: + query: label_values(vm_app_version{job=~"$job"}, instance) + refId: VictoriaMetrics-instance-Variable-Query + refresh: 1 + regex: '' + type: query + - baseFilters: [] + datasource: + type: prometheus + uid: $ds + filters: [] + name: adhoc + type: adhoc +time: + from: now-3h + to: now +timepicker: + refresh_intervals: + - 10s + - 30s + - 1m + - 5m + - 15m + - 30m + - 1h + - 2h + - 1d +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - cluster +uid: oS7Bi_0Wz +version: 1 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-operator.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-operator.yaml new file mode 100644 index 0000000..8ac1d19 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-operator.yaml @@ -0,0 +1,1597 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard +condition: {{ (index $Values "victoria-metrics-operator" "enabled") }} +description: Overview for operator VictoriaMetrics v0.25.0 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 0 +id: null +links: [] +liveNow: false +panels: +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: $ds + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 8 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + refId: A + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + gridPos: + h: 3 + w: 4 + x: 0 + 'y': 1 + id: 24 + options: + code: + language: plaintext + showLineNumbers: false + showMiniMap: false + content: '
$version
' + mode: markdown + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + refId: A + title: Version + type: text +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Number of objects at kubernetes cluster per each controller + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 7 + w: 20 + x: 4 + 'y': 1 + id: 14 + options: + colorMode: none + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(operator_controller_objects_count{job=~"$job",instance=~"$instance"}) by (controller) + legendFormat: '{{`{{`}}controller{{`}}`}}' + range: true + refId: A + title: CRD Objects count by controller + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 4 + w: 4 + x: 0 + 'y': 4 + id: 22 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: vm_app_uptime_seconds{job=~"$job",instance=~"$instance"} + format: table + instant: true + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: false + refId: A + title: Uptime + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: ' Shows per namespace watchers for Prometheus Operator objects (ServiceMonitors, PodMonitors, etc) ' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 4 + x: 0 + 'y': 8 + id: 39 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(operator_prometheus_converter_active_watchers) + instant: false + legendFormat: __auto + range: true + refId: A + title: Prometheus Objects watchers + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: " Number of operator instances with obtained leader status. \n Value above 1 indicates that instances with the same job may behave incorrectly.\n It's recommend to check Operator logs. " + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 4 + x: 4 + 'y': 8 + id: 40 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(leader_election_master_status{job=~"$job"}) + instant: false + legendFormat: __auto + range: true + refId: A + title: Elected Leaders + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: ' Shows number of active reconcile workers' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + min: 0 + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 4 + x: 8 + 'y': 8 + id: 41 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + textMode: auto + wideLayout: true + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(controller_runtime_active_workers{job=~"$job"}) + instant: false + legendFormat: __auto + range: true + refId: A + title: Active workers + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: ' Shows amount of Prometheus Operator objects processed by Operator.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 5 + w: 12 + x: 12 + 'y': 8 + id: 38 + options: + legend: + calcs: + - max + - mean + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(operator_prometheus_converter_watch_events_total{job=~"$job"}[$__interval])) by (event_type,object_type_name) + instant: false + legendFormat: '{{`{{`}}object_type_name{{`}}`}} {{`{{`}}event_type{{`}}`}}' + range: true + refId: A + title: Prometheus Converter Watch events + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 13 + w: 12 + x: 0 + 'y': 13 + id: 12 + options: + legend: + calcs: + - mean + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(controller_runtime_reconcile_total{job=~"$job",instance=~"$instance",result=~"requeue_after|requeue|success"}[$__rate_interval])) by(controller) + legendFormat: '{{`{{`}}controller{{`}}`}}' + range: true + refId: A + title: Reconciliation rate by controller + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of logging the messages by their level. Unexpected spike in rate is a good reason to check logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 13 + w: 12 + x: 12 + 'y': 13 + id: 16 + options: + legend: + calcs: + - mean + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(operator_log_messages_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) by (level) + legendFormat: '{{`{{`}}label_name{{`}}`}}' + range: true + refId: A + title: Log message rate + type: timeseries +- collapsed: false + datasource: + type: {{ $defaultDatasource }} + uid: $ds + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 26 + id: 6 + panels: [] + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + refId: A + title: Troubleshooting + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Non zero metrics indicates about error with CR object definition (typos or incorrect values) or errors with kubernetes API connection. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 27 + id: 10 + options: + legend: + calcs: + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(controller_runtime_reconcile_errors_total{job=~"$job",instance=~"$instance"}[$__rate_interval])) by(controller) > 0 + instant: false + legendFormat: '{{`{{`}}controller{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(controller_runtime_reconcile_total{job=~"$job",instance=~"$instance",result="error"}[$__rate_interval])) by(controller) > 0 + hide: false + legendFormat: 'result errors: {{`{{`}}controller{{`}}`}}' + range: true + refId: B + title: reconcile errors by controller + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Operator limits number of reconcile configuration events to 5 events per 2 seconds by default. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 27 + id: 18 + options: + legend: + calcs: + - mean + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(operator_reconcile_throttled_events_total[$__rate_interval])) by(controller) + legendFormat: '{{`{{`}}controller{{`}}`}}' + range: true + refId: A + title: throttled reconciliation config events + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Number of objects waiting in the queue for reconciliation. Non-zero values indicate that operator cannot process CR objects changes with the given resources. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 11 + w: 12 + x: 0 + 'y': 35 + id: 20 + options: + legend: + calcs: + - max + - mean + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(workqueue_depth{job=~"$job",instance=~"$instance"}) by (name) + legendFormat: '{{`{{`}}label_name{{`}}`}}' + range: true + refId: A + title: Working queue depth + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: " For controllers with StatefulSet it's ok to see latency greater then 3 seconds. It could be vmalertmanager,vmcluster or vmagent in statefulMode.\n\n For other controllers, latency greater then 2 second may indicate issues with kubernetes cluster or operator's performance.\n " + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 11 + w: 12 + x: 12 + 'y': 35 + id: 26 + options: + legend: + calcs: + - mean + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Mean + sortDesc: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99,sum(rate(controller_runtime_reconcile_time_seconds_bucket{job=~"$job"}[$__rate_interval])) by(le,controller) ) + legendFormat: q.99 {{`{{`}}controller{{`}}`}} + range: true + refId: A + title: Reconciliation latency by controller + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Number of HTTP requests to the Kubernetes API server break down by code and method + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 46 + id: 36 + options: + legend: + calcs: + - max + - mean + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(rest_client_requests_total{job=~"$job"}[$__interval])) by (method,code) + instant: false + legendFormat: '{{`{{`}}method{{`}}`}} {{`{{`}}code{{`}}`}}' + range: true + refId: A + title: Rest client requests + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows how many ongoing reconcile events are taking place, where: + + * `max` - equal to the value of flag`-controller.maxConcurrentReconciles`; + + * `current` - current number of reconcile workers processing CRD objects. + + + When `current` hits `max` constantly, it means operator cannot process events in time. It should be either increased value for flag `-controller.maxConcurrentReconciles` or allocated additional CPU resources to the operator.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Max + properties: + - id: custom.axisColorMode + value: text + - id: color + value: + fixedColor: dark-red + mode: fixed + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 46 + id: 42 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(max_over_time(controller_runtime_active_workers{job=~"$job"}[$__interval])) + instant: false + legendFormat: Current + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: min(controller_runtime_max_concurrent_reconciles{job=~"$job"}) + hide: false + instant: false + legendFormat: Max + range: true + refId: B + title: Concurrent reconcile ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the time goroutines have spent in runnable state before actually running. The lower is better.\n\nHigh values or values exceeding the threshold is usually a sign of insufficient CPU resources or CPU throttling. \n\nVerify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 54 + id: 37 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket{job=~"$job"}[$__rate_interval])) by (job, instance, le))) by(job) + instant: false + legendFormat: __auto + range: true + refId: A + title: Go scheduling latency + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: ' Requests latency to the Kubernetes API server.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 54 + id: 35 + options: + legend: + calcs: + - max + - mean + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99,sum(rate(rest_client_request_duration_seconds_bucket{job=~"$job"})) by(le,method,api) ) + instant: false + legendFormat: '{{`{{`}}method{{`}}`}} {{`{{`}}api{{`}}`}}' + range: true + refId: A + title: rest client latency + type: timeseries +- collapsed: true + datasource: + type: {{ $defaultDatasource }} + uid: $ds + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 62 + id: 4 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 63 + id: 28 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_sys_bytes{job=~"$job", instance=~"$instance"}) + legendFormat: requested from system + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_heap_inuse_bytes{job=~"$job", instance=~"$instance"}) + hide: false + legendFormat: heap inuse + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_stack_inuse_bytes{job=~"$job", instance=~"$instance"}) + hide: false + legendFormat: stack inuse + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}) + hide: false + legendFormat: resident + range: true + refId: D + title: Memory usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 63 + id: 30 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) + legendFormat: CPU cores used + range: true + refId: A + title: CPU ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 71 + id: 32 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_goroutines{job=~"$job", instance=~"$instance"}) + legendFormat: goroutines + range: true + refId: A + title: Goroutines ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 71 + id: 34 + options: + legend: + calcs: + - mean + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 10.4.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + sum(rate(go_gc_duration_seconds_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) + / + sum(rate(go_gc_duration_seconds_count{job=~"$job", instance=~"$instance"}[$__rate_interval])) + legendFormat: avg gc duration + range: true + refId: A + title: GC duration ($instance) + type: timeseries + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + refId: A + title: resources + type: row +refresh: '' +schemaVersion: 39 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: {} + hide: 0 + includeAll: false + multi: false + name: ds + options: [] + query: {{ $defaultDatasource }} + queryValue: te + refresh: 1 + regex: '' + skipUrlSync: false + type: datasource + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(operator_log_messages_total,job) + hide: 0 + includeAll: false + multi: false + name: job + options: [] + query: + query: label_values(operator_log_messages_total,job) + refId: StandardVariableQuery + refresh: 2 + regex: '' + skipUrlSync: false + sort: 0 + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(operator_log_messages_total{job=~"$job"},instance) + hide: 0 + includeAll: true + multi: false + name: instance + options: [] + query: + query: label_values(operator_log_messages_total{job=~"$job"},instance) + refId: StandardVariableQuery + refresh: 2 + regex: '' + skipUrlSync: false + sort: 0 + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job="$job", instance="$instance"}, version) + hide: 2 + includeAll: false + multi: false + name: version + options: [] + query: + query: label_values(vm_app_version{job="$job", instance="$instance"}, version) + refId: StandardVariableQuery + refresh: 1 + regex: '' + skipUrlSync: false + sort: 2 + type: query +time: + from: now-15m + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - operator +uid: 1H179hunk +version: 7 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-single-node.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-single-node.yaml new file mode 100644 index 0000000..d0bd3d0 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-single-node.yaml @@ -0,0 +1,5258 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: prometheus + uid: $ds + enable: false + expr: sum(ALERTS{job=~"$job", instance=~"$instance", alertgroup="vmsingle",alertstate="firing",show_at="dashboard"}) by(alertname) + hide: false + iconColor: red + name: alerts + titleFormat: '{{`{{`}}alertname{{`}}`}}' + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(version) unless (sum(vm_app_version{job=~"$job", instance=~"$instance"} offset $__interval) by(version)) + hide: true + iconColor: dark-blue + name: version + textFormat: '{{`{{`}}version{{`}}`}}' + titleFormat: Version change +condition: {{ ($Values.vmsingle).enabled }} +description: Overview for single-node VictoriaMetrics v1.117.0 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +id: 1 +links: +- icon: doc + tags: [] + targetBlank: true + title: Single server Wiki + type: link + url: https://docs.victoriametrics.com/ +- icon: external link + tags: [] + targetBlank: true + title: Found a bug? + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/issues +- icon: external link + tags: [] + targetBlank: true + title: New releases + tooltip: '' + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/releases +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 6 + panels: [] + title: Stats + type: row +- description: '' + fieldConfig: + defaults: {} + overrides: [] + gridPos: + h: 2 + w: 4 + x: 0 + 'y': 1 + id: 85 + options: + code: + language: plaintext + showLineNumbers: false + showMiniMap: false + content: '
$version
' + mode: markdown + pluginVersion: 11.5.0 + title: Version + type: text +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many datapoints are in storage + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 2 + w: 5 + x: 4 + 'y': 1 + id: 26 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_rows{job=~"$job", instance=~"$instance", type!~"indexdb.*"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Total datapoints + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the datapoints ingestion rate. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 2 + w: 5 + x: 9 + 'y': 1 + id: 107 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vm_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Ingestion rate + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of HTTP read requests. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 2 + w: 5 + x: 14 + 'y': 1 + id: 108 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vm_http_requests_total{job=~"$job", instance=~"$instance", path!~".*(/write|/metrics)"}[$__rate_interval])) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Read requests + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total number of available CPUs for VM process + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 2 + w: 5 + x: 19 + 'y': 1 + id: 77 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: false + expr: sum(vm_available_cpu_cores{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available CPU + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: red + value: null + - color: green + value: 1800 + unit: s + overrides: [] + gridPos: + h: 2 + w: 4 + x: 0 + 'y': 3 + id: 87 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: min(vm_app_uptime_seconds{job=~"$job", instance=~"$instance"}) + instant: true + interval: '' + legendFormat: '' + refId: A + title: Uptime + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series) with new data points inserted during the last hour. High value may result in ingestion slowdown. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 2 + w: 5 + x: 4 + 'y': 3 + id: 38 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_cache_entries{job=~"$job", instance=~"$instance", type="storage/hour_metric_ids"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Active series + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total amount of used disk space + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 5 + x: 9 + 'y': 3 + id: 81 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Disk space usage + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Average disk usage per datapoint. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 5 + x: 14 + 'y': 3 + id: 82 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: max(sum(vm_data_size_bytes{job=~"$job", instance=~"$instance"}) / sum(vm_rows{job=~"$job", instance=~"$instance"})) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Bytes per point + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total size of available memory for VM process + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 2 + w: 5 + x: 19 + 'y': 3 + id: 78 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + uid: $ds + exemplar: false + expr: sum(vm_available_memory_bytes{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available memory + type: stat +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 5 + id: 24 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many datapoints are inserted into storage per second + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 6 + id: 106 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + uid: $ds + editorMode: code + expr: sum(rate(vm_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (type, instance) > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Datapoints ingestion rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '* `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 6 + id: 12 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_http_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (path, instance) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}path{{`}}`}}' + range: true + refId: A + title: Requests rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series) with new data points inserted during the last hour. High value may result in ingestion slowdown. \n\nSee following link for details:" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 14 + id: 51 + links: + - targetBlank: true + title: troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/troubleshooting/ + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: vm_cache_entries{job=~"$job", instance=~"$instance", type="storage/hour_metric_ids"} + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Active time series + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'The less time it takes is better. + + * `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 14 + id: 22 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_request_duration_seconds{job=~"$job", instance=~"$instance", quantile="0.99"}) by (instance, path) > 0 + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}path{{`}}`}}' + range: true + refId: A + title: Query duration 0.99 quantile + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '* `*` - unsupported query path + + * `/write` - insert into VM + + * `/metrics` - query VM system metrics + + * `/query` - query instant values + + * `/query_range` - query over a range of time + + * `/series` - match a certain label set + + * `/label/{}/values` - query a list of label values (variables mostly)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 22 + id: 35 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vm_http_request_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, path) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}path{{`}}`}}' + range: true + refId: A + title: Requests error rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of logging the messages by their level. Unexpected spike in rate is a good reason to check logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 22 + id: 110 + options: + legend: + calcs: + - lastNotNull + - mean + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: single + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_log_messages_total{job=~"$job", instance=~"$instance", level!="info"}[$__rate_interval])) by (instance, level, location) > 0 + interval: 5m + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}level{{`}}`}}: {{`{{`}}location{{`}}`}}' + range: true + refId: A + title: Logging rate + type: timeseries +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 30 + id: 46 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Percentage of used RSS memory (resident). + + The RSS memory shows the amount of memory recently accessed by the application. It includes anonymous memory and data from recently accessed files (aka page cache). + + The application''s performance will significantly degrade when memory usage is close to 100%.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 95 + id: 112 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(instance) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS memory % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 95 + id: 114 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job", instance=~"$instance"} + ) by(instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: CPU % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80%' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 103 + id: 123 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(instance) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS anonymous memory % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: CPU cores used by instance + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: Limit + properties: + - id: color + value: + fixedColor: '#F2495C' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 103 + id: 57 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: min(process_cpu_cores_available{job=~"$job", instance=~"$instance"}) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: Limit + range: true + refId: B + title: CPU + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 111 + id: 44 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_sys_bytes{job=~"$job", instance=~"$instance"}) by (instance) + sum(vm_cache_size_bytes{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - requested from system' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_heap_inuse_bytes{job=~"$job", instance=~"$instance"}) by (instance) + sum(vm_cache_size_bytes{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - heap inuse' + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_memstats_stack_inuse_bytes{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - stack inuse' + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - resident' + range: true + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - resident anonymous' + range: true + refId: E + title: Memory usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows CPU pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 111 + id: 134 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: CPU pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows memory pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 119 + id: 135 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: Memory pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of bytes read/write from the storage layer. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byRegexp + options: /.*read/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 119 + id: 76 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_read_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - read' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - write' + range: true + refId: B + title: Disk writes/reads + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 127 + id: 47 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_goroutines{job=~"$job", instance=~"$instance"}) by(instance) + format: time_series + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Goroutines + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of read/write syscalls such as read, pread, write, pwrite. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /.*read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 127 + id: 124 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_read_syscalls_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - read calls' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_write_syscalls_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - write calls' + range: true + refId: B + title: Disk write/read calls + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 135 + id: 48 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(process_num_threads{job=~"$job", instance=~"$instance"}) by(instance) + format: time_series + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Threads + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows IO pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 135 + id: 136 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_io_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_io_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: IO pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 143 + id: 49 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_accepts_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: TCP connections rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 143 + id: 37 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_tcplistener_conns{job=~"$job", instance=~"$instance"}) by(instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: TCP connections + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percentage of open file descriptors compared to the limit set in the OS. + + Reaching the limit of open files can cause various issues and must be prevented. + + + See how to change limits here https://medium.com/@muhammadtriwibowo/set-permanently-ulimit-n-open-files-in-ubuntu-4d61064429a' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 151 + id: 75 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + max_over_time(process_open_fds{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_max_fds{job=~"$job", instance=~"$instance"} + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Open FDs + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percent of CPU spent on garbage collection. + + + If % is high, then CPU usage can be decreased by changing GOGC to higher values. Increasing GOGC value will increase memory usage, and decrease CPU usage. + + + Try searching for keyword `GOGC` at https://docs.victoriametrics.com/victoriametrics/troubleshooting/ ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 151 + id: 125 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(go_gc_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval]) \n / rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])\n ) by(instance)" + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: CPU spent on GC + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows network usage by VM: + + * Writes show traffic sent to clients + + * Reads show traffic received from clients' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: decbits + overrides: + - matcher: + id: byRegexp + options: /read.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 159 + id: 127 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_read_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(name) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: read via {{`{{`}}name{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_tcplistener_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(name) * 8 > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: write via {{`{{`}}name{{`}}`}} + range: true + refId: B + title: Network usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of allocations in memory. Sudden increase in allocations would mean increased pressure on Go Garbage Collector and can saturate CPU resources of the application. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 159 + id: 133 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(go_memstats_alloc_bytes_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Memory allocations rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the time goroutines have spent in runnable state before actually running. The lower is better.\n\nHigh values or values exceeding the threshold is usually a sign of insufficient CPU resources or CPU throttling. \n\nVerify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 0.1 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 167 + id: 128 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket{job=~"$job"}[$__rate_interval])) by (job, instance, le)) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Go scheduling latency + type: timeseries + title: Resource usage + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 31 + id: 71 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the rate and total number of new series created over last 24h. + + + High [churn rate](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-high-churn-rate) tightly connected with database performance and may result in unexpected OOM''s or slow queries. It is recommended to always keep an eye on this metric to avoid unexpected [cardinality](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#cardinality) "explosions". + + + The higher churn rate is, the more resources required to handle it. Consider to keep the churn rate as low as possible. + + + Good references to read: + + * https://www.robustperception.io/cardinality-is-key + + * https://www.robustperception.io/using-tsdb-analyze-to-investigate-churn-and-cardinality' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 593 + id: 66 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_new_timeseries_created_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} - churn rate' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_new_timeseries_created_total{job=~"$job", instance=~"$instance"}[24h])) by (instance) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} - new series over 24h' + range: true + refId: B + title: Churn rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "The percentage of [slow inserts](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-a-slow-insert) compared to the total ingestion rate. \n\nThe lower the better. \n\nIn short, slow insert is a cache miss. There are following reasons for slow inserts to go up: \n* Ingestion of completely new, not seen before time series;\n* Not enough memory to maintain big enough caches for the current workload.\n\nIf percentage remains high (>10%) during extended periods of time, then it is likely more RAM is needed for optimal handling of the current number of [active time series](https://docs.victoriametrics.com/victoriametrics/faq/#what-is-an-active-time-series). \n\nSee [this issue](https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3976#issuecomment-1476883183) for details." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line+area + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.1 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 593 + id: 68 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(vm_slow_row_inserts_total{job=~\"$job\"}[$__rate_interval]) \n / rate(vm_rows_added_to_storage_total{job=~\"$job\"}[$__rate_interval])\n) by (instance)" + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Slow inserts % + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Merge assist happens when storage can't keep up with merging parts. This is usually a sign of overload for storage. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 601 + id: 116 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vm_assisted_merges_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(instance, type) > 0 + format: time_series + interval: 5m + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Assisted merges + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Slow queries rate according to `search.logSlowQueryDuration` flag, which is `5s` by default. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 601 + id: 60 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_slow_queries_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Slow queries rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the percentage of used cache size from the allowed size by type. \nValues close to 100% show the maximum potential utilization.\nValues close to 0% show that cache is underutilized." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 9 + w: 12 + x: 0 + 'y': 609 + id: 90 + options: + legend: + calcs: + - lastNotNull + - mean + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: vm_cache_size_bytes{job=~"$job", instance=~"$instance"} / vm_cache_size_max_bytes{job=~"$job", instance=~"$instance"} + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Cache usage % by type + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows cache miss ratio. Lower is better. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + max: 1 + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 9 + w: 12 + x: 12 + 'y': 609 + id: 118 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + ( + rate(vm_cache_misses_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + rate(vm_cache_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + ) > 0 + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Cache miss ratio + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows how many samples were ignored or dropped on insertion due to various reasons: + + * timestamp out of retention period or timestamp in future; + + * invalid metric name; + + * exceeding limit for labels length or number; + + * dropped by [relabeling configuration](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#relabeling).' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 618 + id: 131 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(increase(vm_rows_ignored_total{job=~"$job", instance=~"$instance"}[1h])) by (instance, reason) + hide: false + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}reason{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(increase(vm_relabel_metrics_dropped_total{job=~"$job", instance=~"$instance"}[1h])) by(instance) + hide: false + instant: false + legendFormat: '{{`{{`}}instance{{`}}`}} - relabeling' + range: true + refId: B + title: Samples dropped for last 1h + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows rate of deduplicated samples during [deduplication](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#deduplication) or [downsampling](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#downsampling), according to the configured `-dedup.minScrapeInterval` or `-downsampling.period`. + + + Should be empty if `-dedup.minScrapeInterval` and `-downsampling.period` isn''t set. + + + Deduplication happens in two places: + + * `type="merge"` - during [background merges](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#storage). Deduplication during merges is permanent. + + * `type="select"` - during [read queries](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#query-data). Deduplication happens in-flight and has no permanent effect. + + + The more samples need to be deduplicated, the higher will be resource usage.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 618 + id: 132 + links: + - targetBlank: true + title: Readonly mode + url: https://docs.victoriametrics.com/victoriametrics/cluster-victoriametrics/#readonly-mode + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_deduplicated_samples_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(instance, type) > 0 + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: Deduplication rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Flags explicitly set to non-default values + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Value + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: job + properties: + - id: custom.hidden + value: true + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 626 + id: 126 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{is_set="true", job=~"$job", instance=~"$instance"}) by(job, instance, name, value) + format: table + instant: true + legendFormat: __auto + range: false + refId: A + title: Non-default flags + type: table + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of restarts per job. The chart can be useful to identify periodic process restarts and correlate them with potential issues or anomalies. Normally, processes shouldn''t restart unless restart was inited by user. The reason of restarts should be figured out by checking the logs of each specific service. ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 626 + id: 129 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__rate_interval]) > 0) by(job) + format: time_series + instant: false + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Restarts ($job) + type: timeseries + title: Troubleshooting + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 32 + id: 14 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the approx time needed to reach 100% of disk capacity based on the following params: + + * free disk space (after -storage.minFreeDiskSpaceBytes); + + * row ingestion rate; + + * compression.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 163 + id: 73 + options: + legend: + calcs: + - mean + - lastNotNull + - min + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "(vm_free_disk_space_bytes{job=~\"$job\", instance=~\"$instance\"}-vm_free_disk_space_limit_bytes{job=~\"$job\", instance=~\"$instance\"}) \n/ \nignoring(path) (\n (rate(vm_rows_added_to_storage_total{job=~\"$job\", instance=~\"$instance\"}[1d]) - \n sum(rate(vm_deduplicated_samples_total{job=~\"$job\", instance=~\"$instance\"}[1d])) without (type)) * \n (\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\", type!~\"indexdb.*\"}) without(type) /\n sum(vm_rows{job=~\"$job\", instance=~\"$instance\", type!~\"indexdb.*\"}) without(type)\n )\n +\n rate(vm_new_timeseries_created_total{job=~\"$job\", instance=~\"$instance\"}[1d]) * \n (\n sum(vm_data_size_bytes{job=~\"$job\", instance=~\"$instance\", type=\"indexdb/file\"}) /\n sum(vm_rows{job=~\"$job\", instance=~\"$instance\", type=\"indexdb/file\"})\n )\n) > 0" + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Storage full ETA + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many datapoints are inserted into storage per second + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 185 + id: 10 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, type) > 0 + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Datapoints ingestion rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: How many data points are in RAM queue waiting to be written into storage. The number of pending data points should be in the range from 0 to `5*`, since VictoriaMetrics pushes pending data to persistent storage every 5 seconds. The index datapoints value in general is much lower + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: pending index entries + properties: + - id: unit + value: none + - id: decimals + value: 3 + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 185 + id: 34 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: vm_pending_rows{job=~"$job", instance=~"$instance", type="storage"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - pending datapoints' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: vm_pending_rows{job=~"$job", instance=~"$instance", type="indexdb"} + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - pending index entries' + range: true + refId: B + title: Pending datapoints + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows amount of on-disk space occupied by data points and the remaining disk space at `-storageDataPath`. Calculation accounts for -storage.minFreeDiskSpaceBytes + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 193 + id: 53 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance", type!~"indexdb.*"}) by (instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - Used (datapoints)' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: vm_free_disk_space_bytes{job=~"$job", instance=~"$instance"} - vm_free_disk_space_limit_bytes{job=~"$job", instance=~"$instance"} + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - Free' + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_data_size_bytes{job=~"$job", instance=~"$instance", type=~"indexdb.*"}) by (instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - Used (index)' + range: true + refId: C + title: Disk space usage - datapoints + type: timeseries + - datasource: + uid: $ds + description: 'The max number of data parts of LSM tree across all storage nodes in the last [partition](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#storage). + + Increase in number of parts (the hard limit is 512) is an evidence of slow merge performance - check the resource utilization. + + * `indexdb` - inverted index + + * `storage/small` - recently added parts of data ingested into storage (hot data) + + * `storage/big` - small parts gradually merged into bigger parts (cold data)' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 193 + id: 36 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_parts{job=~"$job", instance=~"$instance", type=~"indexdb.*"}) by (instance, type) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_last_partition_parts{job=~"$job", instance=~"$instance"}) by(instance, type) + format: time_series + hide: false + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: B + title: LSM parts max by type + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows how many datapoints are in the storage and what is average disk usage per datapoint. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: bytes-per-datapoint + properties: + - id: unit + value: bytes + - id: decimals + value: 2 + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 201 + id: 30 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_rows{job=~"$job", instance=~"$instance", type!~"indexdb.*"}) by (instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - total datapoints' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + sum(vm_data_size_bytes{job=~"$job", instance=~"$instance"}) by (instance) + / sum(vm_rows{job=~"$job", instance=~"$instance", type!~"indexdb.*"}) by (instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - bytes-per-datapoint' + range: true + refId: B + title: Datapoints + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of on-going merges in storage nodes. It is expected to have high numbers for `storage/small` metric. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 201 + id: 62 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_active_merges{job=~"$job", instance=~"$instance"}) by(instance, type) + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Active merges + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows how many rows were ignored on insertion due to corrupted or out of retention timestamps and how many series were ignored on insertion or during scrape due to too long label names, values and excessive labels count. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 209 + id: 58 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vm_rows_ignored_total{job=~"$job", instance=~"$instance"}[1h])) by (instance, reason) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}reason{{`}}`}}' + range: true + refId: A + title: Rows ignored for last 1h + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: The number of rows merged per second by storage nodes. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 209 + id: 64 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_rows_merged_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(instance, type) + legendFormat: '{{`{{`}}instance{{`}}`}} - {{`{{`}}type{{`}}`}}' + range: true + refId: A + title: Merge speed + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows how many ongoing insertions (not API /write calls) on disk are taking place, where:\n* `max` - equal to number of CPUs;\n* `current` - current number of goroutines busy with inserting rows into underlying storage.\n\nEvery successful API /write call results into flush on disk. However, these two actions are separated and controlled via different concurrency limiters. The `max` on this panel can't be changed and always equal to number of CPUs. \n\nWhen `current` hits `max` constantly, it means storage is overloaded and requires more CPU.\n\n" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byName + options: max + properties: + - id: color + value: + fixedColor: '#C4162A' + mode: fixed + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 217 + id: 59 + options: + legend: + calcs: + - mean + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max_over_time(vm_concurrent_insert_capacity{job=~"$job", instance=~"$instance"}[$__rate_interval]) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - max' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_concurrent_insert_current{job=~"$job", instance=~"$instance"}) by (instance) + format: time_series + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} - current' + range: true + refId: B + title: Concurrent flushes on disk + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) read per queried series. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 217 + id: 103 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(vm_rows_read_per_series_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange)) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Datapoints read per series + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of number of series read per query. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 225 + id: 99 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(vm_series_read_per_query_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange)) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Series read per query + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) scanner per query. + + + This number can exceed number of RowsReadPerQuery if `step` query arg passed to [/api/v1/query_range](https://prometheus.io/docs/prometheus/latest/querying/api/#range-queries) is smaller than the lookbehind window set in square brackets of [rollup function](https://docs.victoriametrics.com/victoriametrics/metricsql/#rollup-functions). For example, if `increase(some_metric[1h])` is executed with the `step=5m`, then the same [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) on a hour time range are scanned `1h/5m=12` times. See [this article](https://valyala.medium.com/how-to-optimize-promql-and-metricsql-queries-85a1b75bf986) for details.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 225 + id: 105 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(vm_rows_scanned_per_query_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange)) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Datapoints scanned per query + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 99th percentile of number of [data samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) read per query. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 233 + id: 122 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(vm_rows_read_per_query_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (instance, vmrange)) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Datapoints read per query + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows number of existing [snapshots](https://docs.victoriametrics.com/victoriametrics/single-server-victoriametrics/#how-to-work-with-snapshots). + + + Recently made snapshots do not occupy disk space. But with time, as snapshots become older, they start to occupy more and more disk space. + + + It is recommended deleting old snapshots when they are no longer needed to free up disk space.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 233 + id: 130 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: vm_snapshots{job=~"$job", instance=~"$instance"} + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}}' + range: true + refId: A + title: Number of snapshots + type: timeseries + title: Storage + type: row +preload: false +refresh: '' +schemaVersion: 40 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: + text: VictoriaMetrics + value: P4169E866C3094E38 + includeAll: false + name: ds + options: [] + query: {{ $defaultDatasource }} + refresh: 1 + regex: '' + type: datasource + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{version=~"victoria-metrics-.*"}, job) + includeAll: false + name: job + options: [] + query: + query: label_values(vm_app_version{version=~"victoria-metrics-.*"}, job) + refId: VictoriaMetrics-job-Variable-Query + refresh: 1 + regex: '' + type: query + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job", instance=~"$instance"}, version) + hide: 2 + includeAll: false + name: version + options: [] + query: + query: label_values(vm_app_version{job=~"$job", instance=~"$instance"}, version) + refId: VictoriaMetrics-version-Variable-Query + refresh: 1 + regex: /.*-(?:tags|heads)-(.*)-(?:0|dirty)-.*/ + sort: 2 + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job"}, instance) + includeAll: true + multi: true + name: instance + options: [] + query: + query: label_values(vm_app_version{job=~"$job"}, instance) + refId: VictoriaMetrics-instance-Variable-Query + refresh: 1 + regex: '' + type: query + - baseFilters: [] + datasource: + type: prometheus + uid: $ds + filters: [] + name: adhoc + type: adhoc +time: + from: now-3h + to: now +timepicker: + refresh_intervals: + - 10s + - 30s + - 1m + - 5m + - 15m + - 30m + - 1h + - 2h + - 1d +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - single-node +uid: wNf0q_kZk +version: 1 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmagent.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmagent.yaml new file mode 100644 index 0000000..a482f16 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmagent.yaml @@ -0,0 +1,6276 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(short_version) unless (sum(vm_app_version{job=~"$job", instance=~"$instance"} offset $__interval) by(short_version)) + hide: true + iconColor: dark-blue + name: version + textFormat: '{{`{{`}}short_version{{`}}`}}' + titleFormat: Version change + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__interval])) by(job, instance) + hide: false + iconColor: dark-yellow + name: restarts + textFormat: '{{`{{`}}job{{`}}`}}:{{`{{`}}instance{{`}}`}} restarted' +condition: {{ true }} +description: Overview for VictoriaMetrics vmagent v1.117.0 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +id: 2 +links: +- icon: doc + tags: [] + targetBlank: true + title: vmagent wiki + tooltip: '' + type: link + url: https://docs.victoriametrics.com/victoriametrics/vmagent/ +- icon: external link + tags: [] + targetBlank: true + title: Found a bug? + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/issues +- icon: external link + tags: [] + targetBlank: true + title: New releases + type: link + url: https://github.com/VictoriaMetrics/VictoriaMetrics/releases +- asDropdown: false + icon: external link + includeVars: false + keepTime: false + tags: [] + targetBlank: true + title: Troubleshooting + tooltip: '' + type: link + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 105 + panels: [] + title: Stats + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) scraped from configured targets. + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 3 + w: 6 + x: 0 + 'y': 1 + id: 103 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_scraped_samples_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Samples scraped/s + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of targets scraped per second. + fieldConfig: + defaults: + decimals: 1 + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 3 + w: 6 + x: 6 + 'y': 1 + id: 134 + options: + colorMode: value + graphMode: none + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_scrapes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Targets scraped/s + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows number of generated error messages in logs over last 30m. Non-zero value may be a sign of connectivity or misconfiguration errors. + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 1 + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 12 + 'y': 1 + id: 16 + links: + - targetBlank: true + title: Troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(increase(vm_log_messages_total{job=~"$job", instance=~"$instance", level!="info"}[30m])) + interval: '' + legendFormat: '' + refId: A + title: Log errors (30m) + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Total number of available CPUs for selected vmagents. ' + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 3 + w: 6 + x: 18 + 'y': 1 + id: 152 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_available_cpu_cores{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available CPU + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of ingested [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: [] + gridPos: + h: 3 + w: 6 + x: 0 + 'y': 4 + id: 102 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Samples ingested/s + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows total number of all configured scrape targets in state `up` or `down`.\n\nSee `http://vmagent-host:8429/targets` to get list of all targets. \n" + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + overrides: + - matcher: + id: byName + options: down + properties: + - id: thresholds + value: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 1 + gridPos: + h: 3 + w: 6 + x: 6 + 'y': 4 + id: 72 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_promscrape_targets{job=~"$job", instance=~"$instance", status="up"}) + interval: '' + legendFormat: up + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(vm_promscrape_targets{job=~"$job", instance=~"$instance", status="down"}) + hide: false + interval: '' + legendFormat: down + range: true + refId: B + title: Scrape targets + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Persistent queue size shows size of pending samples in bytes which hasn't been flushed to remote storage yet. \nIncreasing of value might be a sign of connectivity issues. In such cases, vmagent starts to flush pending data on disk with attempt to send it later once connection is restored." + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 10485760 + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 6 + x: 12 + 'y': 4 + id: 56 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + expr: sum(vmagent_remotewrite_pending_data_bytes{job=~"$job", instance=~"$instance"}) + interval: '' + legendFormat: '' + refId: A + title: Persistent queue size + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Total size of available memory for selected vmagents. + fieldConfig: + defaults: + color: + mode: thresholds + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 3 + w: 6 + x: 18 + 'y': 4 + id: 153 + maxDataPoints: 100 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: horizontal + percentChangeColorMode: standard + reduceOptions: + calcs: + - lastNotNull + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_available_memory_bytes{job=~"$job", instance=~"$instance"}) + format: time_series + instant: true + interval: '' + intervalFactor: 1 + legendFormat: '' + refId: A + title: Available memory + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + minWidth: 50 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Value + properties: + - id: displayName + value: Count + gridPos: + h: 5 + w: 8 + x: 0 + 'y': 7 + id: 101 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(job, short_version) + format: table + instant: true + range: false + refId: A + title: '' + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 5 + w: 16 + x: 8 + 'y': 7 + id: 13 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(up{job=~"$job", instance=~"$instance"}) by (job) + format: time_series + instant: false + interval: '' + legendFormat: __auto + refId: A + title: Uptime + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 12 + id: 24 + panels: [] + title: Overview + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows in/out [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) rate including push and pull models. \n\nThe out-rate could be different to in-rate because of replication or additional timeseries added by vmagent for every scraped target.\n\nClick on the line and choose Drilldown to show CPU usage per instance\n" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - title: Drilldown + url: /d/G7Z9GzMGz?viewPanel=123&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /out .*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 13 + id: 5 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate({__name__=~"vmagent_rows_inserted_total|vm_promscrape_scraped_samples_sum", job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + hide: false + interval: '' + legendFormat: in {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_remotewrite_block_size_rows_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: out {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Samples rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the persistent queue size of pending samples in bytes >2MB which hasn't been flushed to remote storage yet. \n\nIncreasing of value might be a sign of connectivity issues. In such cases, vmagent starts to flush pending data on disk with attempt to send it later once connection is restored.\n\nRemote write URLs are hidden by default but might be unveiled once `-remoteWrite.showURL` is set to true.\n\nClick on the line and choose Drilldown to show the persistent queue size per instance.\n" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/G7Z9GzMGz?viewPanel=125&var-url=${__field.labels.url}&var-ds=$ds&var-instance=$instance&var-job=$job&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 13 + id: 17 + links: + - title: Troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vmagent_remotewrite_pending_data_bytes{job=~"$job", instance=~"$instance", url=~"$url"}) by (job, url) > 2e6 + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}} => {{`{{`}}url{{`}}`}}' + range: true + refId: A + title: Persistent queue size ($instance) to ($url) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of logging the messages by their level. Unexpected spike in rate is a good reason to check logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: bars + fillOpacity: 100 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 21 + id: 107 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_log_messages_total{job=~"$job",instance=~"$instance", level!="info"}[$__rate_interval])) by (job, level) > 0 + format: time_series + hide: false + interval: 5m + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}} - {{`{{`}}level{{`}}`}}' + range: true + refId: A + title: Logging rate + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows rate of dropped [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) from persistent queue. vmagent drops samples from queue if in-memory and on-disk queues are full and it is unable to flush them to remote storage. + + The max size of on-disk queue is configured by `-remoteWrite.maxDiskUsagePerURL` flag.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 21 + id: 49 + links: + - targetBlank: true + title: Troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_persistentqueue_bytes_dropped_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (path) > 0 + interval: '' + legendFormat: '{{`{{`}} path {{`}}`}}' + range: true + refId: A + title: Persistent queue dropped rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of requests served by vmagent HTTP server. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 29 + id: 15 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_http_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, path) > 0 + interval: '' + legendFormat: '' + range: true + refId: A + title: Requests rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Errors rate shows rate for multiple metrics that track possible errors in vmagent, such as network or parsing errors. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 29 + id: 69 + links: + - targetBlank: true + title: Troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_http_request_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, protocol) > 0 + interval: '' + legendFormat: requests:{{`{{`}}protocol{{`}}`}} ({{`{{`}}job{{`}}`}}) + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_protoparser_read_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: 'parse: {{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_ingestserver_request_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: 'ingest: {{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_protoparser_unmarshal_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: 'unmarshal: {{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_dial_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: scrape dial ({{`{{`}}job{{`}}`}}) + range: true + refId: E + title: Errors rate ($instance) + type: timeseries +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 37 + id: 45 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Percentage of used RSS memory (resident). + + The RSS memory shows the amount of memory recently accessed by the application. It includes anonymous memory and data from recently accessed files (aka page cache). + + The application''s performance will significantly degrade when memory usage is close to 100%. + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/G7Z9GzMGz?viewPanel=117&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 38 + id: 111 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS memory % usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/G7Z9GzMGz?viewPanel=119&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 38 + id: 157 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_cpu_cores_available{job=~"$job", instance=~"$instance"} + ) by(instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: __auto + range: true + refId: A + title: CPU % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80% + + + Click on the line and choose Drilldown to show memory usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 46 + id: 155 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(instance) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS anonymous memory % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows CPU pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 46 + id: 158 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: CPU pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows memory pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 54 + id: 156 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: Memory pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of bytes read/write from the storage layer when vmagent has to buffer data on disk or read already buffered data. + + + Click on the line and choose Drilldown to show CPU usage per instance' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: + - targetBlank: true + title: Drilldown + url: /d/G7Z9GzMGz?viewPanel=121&var-job=${__field.labels.job}&var-ds=$ds&var-instance=$instance&${__url_time_range} + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: read + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 54 + id: 81 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_read_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: read {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: write {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Disk writes/reads ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 62 + id: 39 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(max_over_time(go_goroutines{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Goroutines ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows IO pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 62 + id: 159 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_io_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_io_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: IO pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 70 + id: 41 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(max_over_time(process_num_threads{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Threads ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Network usage shows the bytes rate for data accepted by vmagent and pushed via remotewrite protocol. + + Discrepancies are possible because of different protocols used for ingesting, scraping and writing data.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bps + overrides: + - matcher: + id: byRegexp + options: /out.*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 70 + id: 7 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "sum(rate(vm_tcplistener_read_bytes_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])) by(job) * 8 \n+ sum(rate(vm_promscrape_conn_bytes_read_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])) by(job) * 8" + interval: '' + legendFormat: in {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_remotewrite_conn_bytes_written_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) * 8 + interval: '' + legendFormat: out {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Network usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percent of CPU spent on garbage collection. + + + If % is high, then CPU usage can be decreased by changing GOGC to higher values. Increasing GOGC value will increase memory usage, and decrease CPU usage. + + + Try searching for keyword `GOGC` at https://docs.victoriametrics.com/victoriametrics/troubleshooting/ ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 78 + id: 135 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(go_gc_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval]) \n / rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])\n ) by(job)" + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: CPU spent on GC ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the time goroutines have spent in runnable state before actually running. The lower is better.\n\nHigh values or values exceeding the threshold is usually a sign of insufficient CPU resources or CPU throttling. \n\nVerify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 0.1 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 78 + id: 149 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket{job=~"$job"}[$__rate_interval])) by (job, instance, le))) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Go scheduling latency + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of allocations in memory. Sudden increase in allocations would mean increased pressure on Go Garbage Collector and can saturate CPU resources of the application. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 86 + id: 154 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(go_memstats_alloc_bytes_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Memory allocations rate + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Panel shows the percentage of open file descriptors in the OS per instance. + + Reaching the limit of open files (100%) can cause various issues and must be prevented. + + + See how to change limits here https://medium.com/@muhammadtriwibowo/set-permanently-ulimit-n-open-files-in-ubuntu-4d61064429a' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 5 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 86 + id: 83 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + max( + max_over_time(process_open_fds{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_max_fds{job=~"$job", instance=~"$instance"} + ) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Open FDs usage % ($instance) + type: timeseries + title: Resource usage + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 38 + id: 94 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows top 10 jobs by the number of new series registered by vmagent over the 5min range. These jobs generate the most of the churn rate. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1580 + id: 92 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: topk(10, sum(sum_over_time(scrape_series_added[5m])) by (job)) > 0 + interval: '' + legendFormat: '{{`{{`}} job {{`}}`}}' + range: true + refId: A + title: Top 10 jobs by unique samples + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows top 10 instances by the number of new series registered by vmagent over the 5min range. These instances generate the most of the churn rate. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1580 + id: 95 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: topk(10, sum(sum_over_time(scrape_series_added[5m])) by (instance)) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Top 10 instances by unique samples + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows write saturation of the persistent queue. If the threshold of 0.9sec is reached, then the persistent queue is saturated by more than 90% and vmagent won't be able to keep up with flushing data on disk. In this case, consider to decrease load on the vmagent or improve the disk throughput. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMax: 2 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1588 + id: 98 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max(rate(vm_persistentqueue_write_duration_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Persistent queue write saturation ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows read saturation of the persistent queue. If the threshold of 0.9sec is reached, then the persistent queue is saturated by more than 90% and vmagent won't be able to keep up with reading data from the disk. In this case, consider to decrease load on the vmagent or improve the disk throughput. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMax: 2 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1588 + id: 99 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max(rate(vm_persistentqueue_read_duration_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Persistent queue read saturation ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the rate of dropped data blocks in cases when remote storage replies with `400 Bad Request` and `409 Conflict` HTTP responses. + + + See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1149' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1596 + id: 79 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_remotewrite_packets_dropped_total{job=~"$job", instance=~"$instance", url=~"$url"}[$__rate_interval])) by(job, url) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Data blocks dropped ($instance) to ($url) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the rate of dropped [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) due to relabeling. \nMetric tracks drops for `-remoteWrite.relabelConfig` configuration only." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: normal + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1596 + id: 18 + links: + - targetBlank: true + title: Relabeling + url: https://docs.victoriametrics.com/victoriametrics/relabeling/ + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_remotewrite_relabel_metrics_dropped_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, url) > 0 + interval: '' + legendFormat: __auto + range: true + refId: B + title: Rows dropped by relabeling ($instance) to ($url) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of parsed datapoints from write or scrape requests. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1604 + id: 127 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_protoparser_rows_read_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: '{{`{{`}} type {{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Datapoints rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Tracks the rate of dropped invalid rows because of errors while unmarshaling write requests. The exact errors messages will be printed in logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1604 + id: 50 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_rows_invalid_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: '{{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Invalid datapoints rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Value + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 1612 + id: 129 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: true + displayName: job + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{is_set="true", job=~"$job", instance=~"$instance"}) by(job, instance, name, value) + format: table + instant: true + legendFormat: __auto + range: false + refId: A + title: Non-default flags + transformations: + - id: groupBy + options: + fields: + instance: + aggregations: [] + job: + aggregations: [] + operation: groupby + name: + aggregations: [] + operation: groupby + value: + aggregations: [] + operation: groupby + type: table + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of restarts per job. The chart can be useful to identify periodic process restarts and correlate them with potential issues or anomalies. Normally, processes shouldn''t restart unless restart was inited by user. The reason of restarts should be figured out by checking the logs of each specific service. ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 1612 + id: 150 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__rate_interval]) > 0) by(job) + format: time_series + instant: false + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Restarts ($job) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows how many samples were ignored on insertion due to various reasons. See the reason of rejection application logs. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1619 + id: 151 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(increase(vm_rows_ignored_total{job=~"$job", instance=~"$instance"}[1h])) by (reason) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Rows ignored for last 1h ($instance) + type: timeseries + title: Troubleshooting + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 39 + id: 28 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 1825 + id: 48 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_promscrape_targets{job=~"$job", instance=~"$instance", status="up"}) by(job, type) > 0 + format: time_series + interval: '' + legendFormat: '{{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Scrape targets UP(By Type) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 1825 + id: 76 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_promscrape_targets{job=~"$job", instance=~"$instance", status="down"}) by(job, type) > 0 + format: time_series + interval: '' + legendFormat: '{{`{{`}}type{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Scrape targets DOWN(By Type) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 1832 + id: 132 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_promscrape_scrape_pool_targets{job=~"$job", instance=~"$instance", status="up"}) by(job, scrape_job) > 0 + format: time_series + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}: {{`{{`}}scrape_job{{`}}`}}' + range: true + refId: A + title: Scrape targets UP(By Job) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 1832 + id: 133 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vm_promscrape_scrape_pool_targets{job=~"$job", instance=~"$instance", status="down"}) by(job, scrape_job) > 0 + format: time_series + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}: {{`{{`}}scrape_job{{`}}`}}' + range: true + refId: A + title: Scrape targets DOWN(By Job) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of scrapes per second. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1839 + id: 20 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_promscrape_scrapes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Scrape rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of datapoints scraped per second. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1839 + id: 126 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_promscrape_scraped_samples_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Scraped datapoints rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1847 + id: 46 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(vm_promscrape_scrape_response_size_bytes_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, vmrange))) by(job) + format: time_series + interval: '' + legendFormat: __auto + range: true + refId: A + title: Scrape response size 0.99 quantile ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1847 + id: 148 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(vm_promscrape_scrape_duration_seconds_bucket{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, vmrange))) by(job) + format: time_series + interval: '' + legendFormat: __auto + range: true + refId: A + title: Scrape duration 0.99 quantile ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1855 + id: 31 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_scrapes_failed_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: scrapes failed ({{`{{`}}job{{`}}`}}) + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_scrapes_timed_out_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: timeouts ({{`{{`}}job{{`}}`}}) + range: true + refId: B + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_scrapes_gunzip_failed_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: gunzip fails ({{`{{`}}job{{`}}`}}) + range: true + refId: C + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_dial_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: dial fails ({{`{{`}}job{{`}}`}}) + range: true + refId: D + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_promscrape_max_scrape_size_exceeded_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + hide: false + interval: '' + legendFormat: max scrape size exceeded ({{`{{`}}job{{`}}`}}) + range: true + refId: E + title: Scrape fails ($instance) + type: timeseries + title: Scraping + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 40 + id: 71 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of write requests served by ingestserver (UDP, TCP connections) and HTTP server. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1547 + id: 73 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vm_ingestserver_requests_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type, net) > 0 + interval: '' + legendFormat: '{{`{{`}}net{{`}}`}}: {{`{{`}} type {{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_http_requests_total{job=~"$job", instance=~"$instance", protocol!=""}[$__rate_interval])) by(job, protocol) > 0 + interval: '' + legendFormat: '{{`{{`}} protocol {{`}}`}}: http ({{`{{`}}job{{`}}`}})' + range: true + refId: B + title: Requests rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of rows ingested in vmagent via push protocols. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1547 + id: 131 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, type) > 0 + interval: '' + legendFormat: '{{`{{`}} type {{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: Rows rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows how many concurrent inserts are taking place.\n\nIf the number of concurrent inserts hitting the `limit` or is close to the `limit` constantly - it might be a sign of a resource shortage.\n\n If vmagent's CPU usage and remote write connection saturation are at normal level, it might be that `-maxConcurrentInserts` cmd-line flag need to be increased." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1823 + id: 130 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max_over_time(vm_concurrent_insert_current{job=~"$job", instance=~"$instance"}[$__rate_interval]) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: min(vm_concurrent_insert_capacity{job=~"$job", instance=~"$instance"}) by(job) + interval: '' + legendFormat: limit ({{`{{`}}job{{`}}`}}) + range: true + refId: B + title: Concurrent inserts ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of write errors in ingestserver (UDP, TCP connections) and HTTP server. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1823 + id: 77 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(rate(vm_ingestserver_request_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(type, net) > 0 + interval: '' + legendFormat: '{{`{{`}} type {{`}}`}} ({{`{{`}}net{{`}}`}})' + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: true + expr: sum(rate(vmagent_http_request_errors_total{job=~"$job", instance=~"$instance", protocol!=""}[$__rate_interval])) by(protocol) > 0 + interval: '' + legendFormat: '{{`{{`}} protocol {{`}}`}} (http)' + refId: B + title: Error rate ($instance) + type: timeseries + title: Ingestion + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 41 + id: 136 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the number of matched samples by the aggregation rule. \n\nThe more samples is matched, the more work this aggregation rule does. The matching rule is specified via `match` param.\n\nSee more details in [stream aggregation config](https://docs.victoriametrics.com/victoriametrics/stream-aggregation/#stream-aggregation-config). " + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1870 + id: 146 + options: + legend: + calcs: + - min + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_streamaggr_matched_samples_total{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval])) without (instance, pod) > 0 + instant: false + legendFormat: __auto + range: true + refId: A + title: Matched samples ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "The rate of ignored samples during aggregation. \nStream aggregation will drop samples with NaN values, or samples with too old timestamps. See https://docs.victoriametrics.com/victoriametrics/stream-aggregation/#ignoring-old-samples " + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1870 + id: 143 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_streamaggr_ignored_samples_total{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval]) > 0) without (instance, pod) + instant: false + legendFormat: __auto + range: true + refId: A + title: Ignored samples ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the number of produced samples by the aggregation rule. \n\nNumber of produced samples depend on params like `by`, `without`, `interval`, etc.\n\nSee more details in [stream aggregation config](https://docs.victoriametrics.com/victoriametrics/stream-aggregation/#stream-aggregation-config). " + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1878 + id: 147 + options: + legend: + calcs: + - min + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vm_streamaggr_output_samples_total{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval])) without (instance, pod) > 0 + instant: false + legendFormat: __auto + range: true + refId: A + title: Produced samples ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows events when deduplication or aggregation couldn't be finished in the configured interval. Such events may result into bad accuracy of produced data.\n\nPossible solutions:\n* increase interval; \n* use match filter matching smaller number of series;\n* reduce samples ingestion rate to stream aggregation" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + min: -5 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1878 + id: 139 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: increase(vm_streamaggr_flush_timeouts_total{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval]) > 0 + instant: false + legendFormat: 'aggregation: {{`{{`}}url{{`}}`}} ({{`{{`}}job{{`}}`}}): {{`{{`}}path{{`}}`}}:{{`{{`}}position{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: increase(vm_streamaggr_dedup_flush_timeouts_total{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval]) > 0 + hide: false + instant: false + legendFormat: 'deduplication: {{`{{`}}url{{`}}`}} ({{`{{`}}job{{`}}`}}): {{`{{`}}path{{`}}`}}:{{`{{`}}position{{`}}`}}' + range: true + refId: B + title: Flush timeouts ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the max lag between samples timestamps within one batch passed to the aggregation input. + + + Lower is better. + + + Too high lag or lag exceeding the interval might be a sign that data was delayed before aggregation or resource insufficiency on aggregator. Samples with high lag may affect accuracy of aggregation. + + + See https://docs.victoriametrics.com/victoriametrics/stream-aggregation/#ignoring-old-samples' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1886 + id: 142 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, sum(rate(vm_streamaggr_samples_lag_seconds_bucket{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval])) without (instance, pod)) + instant: false + legendFormat: __auto + range: true + refId: A + title: Samples lag 0.99 quantile ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "The 99th percentile of avg flush duration for the aggregated data. \n\nSmaller is better.\n\nAggregation can produce incorrect results ff flush duration exceeds configured deduplication interval. See \"Flush Timeouts\" panel." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1886 + id: 137 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: histogram_quantile(0.99, rate(vm_streamaggr_dedup_flush_duration_seconds_bucket{job=~"$job",instance=~"$instance", url=~"$url"}[$__rate_interval])) + instant: false + legendFormat: __auto + range: true + refId: A + title: Dedup flush duration 0.99 quantile ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the size of Label Compressor in number of entries. + + + Labels compressor encodes label-value pairs during aggregation to optimise memory usage. It is expected for its size to grow with time and to reset on vmagent restarts. + + + Rapid spikes in Label compressor size might be a sign of significant changes in labels of received samples.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byRegexp + options: /bytes.*/ + properties: + - id: custom.axisPlacement + value: right + - id: unit + value: bytes + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1926 + id: 141 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: none + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_streamaggr_labels_compressor_items_count{job=~"$job",instance=~"$instance"}) by(job, instance) + hide: false + instant: false + legendFormat: 'items: {{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(vm_streamaggr_labels_compressor_size_bytes{job=~"$job", instance=~"$instance"}) by(job, instance) + hide: false + instant: false + legendFormat: 'bytes: {{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: B + title: Labels compressor ($instance) + type: timeseries + title: Streaming aggregation + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 42 + id: 58 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the rate of requests to configured remote write endpoints by url and status code. + + + Remote write URLs are hidden by default but might be unveiled once `-remoteWrite.showURL` is set to true. + + + ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 2 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1828 + id: 60 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_remotewrite_requests_total{job=~"$job", instance=~"$instance", url=~"$url"}[$__rate_interval])) by(job, url, status_code) > 0 + interval: '' + legendFormat: '' + range: true + refId: A + title: Requests rate ($instance) to ($url) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the global rate for number of written bytes via remote write connections. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1828 + id: 66 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_remotewrite_conn_bytes_written_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Bytes write rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows requests retry rate by url. Number of retries is unlimited but protected with delays up to 1m between attempts. + + + Remote write URLs are hidden by default but might be unveiled once `-remoteWrite.showURL` is set to true. + + + ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1836 + id: 61 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmagent_remotewrite_retries_count_total{job=~"$job", instance=~"$instance", url=~"$url"}[$__rate_interval])) by(url) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Retry rate ($instance) to ($url) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows current number of established connections to remote write endpoints. + + + ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1836 + id: 65 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(vmagent_remotewrite_conns{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Connections ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the current limit usage of unique series over an hourly period. Vmagent will start to drop series once the limit is reached. + + + Please note, panel will be blank if `remoteWrite.maxHourlySeries` is not set.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + mappings: [] + max: 100 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: percent + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1844 + id: 88 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: "max(\n vmagent_hourly_series_limit_current_series{job=~\"$job\", instance=~\"$instance\"} \n / \n vmagent_hourly_series_limit_max_series{job=~\"$job\", instance=~\"$instance\"}\n ) by(job) * 100" + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Hourly series limit + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows saturation of every connection to remote storage. If the threshold of 90% is reached, then the connection is saturated (busy or slow) by more than 90%, so vmagent won't be able to keep up and can start buffering data. \n\nThis usually means that `-remoteWrite.queues` command-line flag must be increased in order to increase the number of connections per each remote storage.\n" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 1844 + id: 84 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: |- + max( + rate(vmagent_remotewrite_send_duration_seconds_total{job=~"$job", instance=~"$instance", url=~"$url"}[$__rate_interval]) + / + vmagent_remotewrite_queues{job=~"$job", instance=~"$instance", url=~"$url"} + ) by(job, url) + interval: '' + legendFormat: '' + range: true + refId: A + title: Remote write connection saturation ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the current limit usage of unique series over a daily period. Vmagent will start to drop series once the limit is reached. + + + Please note, panel will be blank if `remoteWrite.maxDailySeries` is not set.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + mappings: [] + max: 100 + thresholds: + mode: absolute + steps: + - color: transparent + - color: red + value: 0.9 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 1852 + id: 90 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: false + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: "max(\n vmagent_daily_series_limit_current_series{job=~\"$job\",instance=~\"$instance\"} \n / \n vmagent_daily_series_limit_max_series{job=~\"$job\",instance=~\"$instance\"}\n) by(job)" + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Daily series limit + type: timeseries + title: Remote write + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 43 + id: 113 + panels: + - fieldConfig: + defaults: {} + overrides: [] + gridPos: + h: 2 + w: 24 + x: 0 + 'y': 100 + id: 115 + options: + code: + language: plaintext + showLineNumbers: false + showMiniMap: false + content: Drilldown row is used by other panels on the dashboard to show more detailed metrics per-instance. + mode: markdown + pluginVersion: 11.5.0 + title: '' + transparent: true + type: text + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: '' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 102 + id: 119 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: CPU usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the used memory (resident). + + The application''s performance will significantly degrade when memory usage is close to 100%.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 102 + id: 117 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} ({{`{{`}}job{{`}}`}})' + range: true + refId: A + title: RSS memory usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the persistent queue size of pending samples in bytes which hasn't been flushed to remote storage yet. \n\nIncreasing of value might be a sign of connectivity issues. In such cases, vmagent starts to flush pending data on disk with attempt to send it later once connection is restored.\n\nRemote write URLs are hidden by default but might be unveiled once `-remoteWrite.showURL` is set to true." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 110 + id: 125 + links: + - title: Troubleshooting + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#troubleshooting + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(vmagent_remotewrite_pending_data_bytes{job=~"$job", instance=~"$instance", url=~"$url"}) by (instance, url) + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} => {{`{{`}}url{{`}}`}}' + range: true + refId: A + title: Persistent queue size ($instance) to ($url) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows in/out samples rate including push and pull models. \n\nThe out-rate could be different to in-rate because of replication or additional timeseries added by vmagent for every scraped target." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: short + overrides: + - matcher: + id: byRegexp + options: /out .*/ + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 110 + id: 123 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: |- + sum(rate(vm_promscrape_scraped_samples_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + + sum(rate(vmagent_rows_inserted_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + hide: false + interval: '' + legendFormat: in {{`{{`}}instance{{`}}`}} {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmagent_remotewrite_block_size_rows_sum{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + interval: '' + legendFormat: out {{`{{`}}instance{{`}}`}} {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Samples rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of bytes read/write from the storage layer when vmagent has to buffer data on disk or read already buffered data. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + value: null + - color: red + value: 80 + unit: bytes + overrides: + - matcher: + id: byName + options: read + properties: + - id: custom.transform + value: negative-Y + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 118 + id: 121 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_read_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: read {{`{{`}}instance{{`}}`}} {{`{{`}}job{{`}}`}} + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_io_storage_written_bytes_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job,instance) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: write {{`{{`}}instance{{`}}`}} {{`{{`}}job{{`}}`}} + range: true + refId: B + title: Disk writes/reads ($instance) + type: timeseries + title: Drilldown + type: row +preload: false +refresh: '' +schemaVersion: 40 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: {} + includeAll: false + name: ds + options: [] + query: {{ $defaultDatasource }} + refresh: 1 + regex: '' + type: datasource + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{version=~"^vmagent.*"}, job) + includeAll: true + multi: true + name: job + options: [] + query: + query: label_values(vm_app_version{version=~"^vmagent.*"}, job) + refId: VictoriaMetrics-job-Variable-Query + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job"}, instance) + includeAll: true + multi: true + name: instance + options: [] + query: + query: label_values(vm_app_version{job=~"$job"}, instance) + refId: VictoriaMetrics-instance-Variable-Query + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vmagent_remotewrite_requests_total{job=~"$job", instance=~"$instance"}, url) + description: The remote write URLs + includeAll: true + multi: true + name: url + options: [] + query: + query: label_values(vmagent_remotewrite_requests_total{job=~"$job", instance=~"$instance"}, url) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - baseFilters: [] + datasource: + type: prometheus + uid: $ds + filters: [] + name: adhoc + type: adhoc +time: + from: now-3h + to: now +timepicker: + refresh_intervals: + - 10s + - 30s + - 1m + - 5m + - 15m + - 30m + - 1h + - 2h + - 1d +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - vmagent +uid: G7Z9GzMGz +version: 1 +weekStart: '' diff --git a/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmalert.yaml b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmalert.yaml new file mode 100644 index 0000000..9060c06 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/dashboards/generated/victoriametrics-vmalert.yaml @@ -0,0 +1,3204 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $multicluster := ((($Values.grafana).sidecar).dashboards).multicluster | default false }} +{{- $defaultDatasource := "prometheus" -}} +{{- range (((($Values.grafana).sidecar).datasources).victoriametrics | default list) }} + {{- if and .isDefault .type }}{{ $defaultDatasource = .type }}{{- end }} +{{- end }} +annotations: + list: + - builtIn: 1 + datasource: + type: datasource + uid: grafana + enable: true + hide: true + iconColor: rgba(0, 211, 255, 1) + name: Annotations & Alerts + target: + limit: 100 + matchAny: false + tags: [] + type: dashboard + type: dashboard + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(short_version) unless (sum(vm_app_version{job=~"$job", instance=~"$instance"} offset $__interval) by(short_version)) + hide: true + iconColor: dark-blue + name: version + textFormat: '{{`{{`}}short_version{{`}}`}}' + titleFormat: Version change + - datasource: + type: prometheus + uid: $ds + enable: true + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__interval])) by(job, instance) + hide: false + iconColor: dark-yellow + name: restarts + textFormat: '{{`{{`}}job{{`}}`}}:{{`{{`}}instance{{`}}`}} restarted' +condition: {{ ($Values.vmalert).enabled }} +description: Overview for VictoriaMetrics vmalert v1.117.0 or higher +editable: false +fiscalYearStartMonth: 0 +graphTooltip: 1 +id: 3 +links: +- asDropdown: false + icon: external link + includeVars: false + keepTime: false + tags: [] + targetBlank: true + title: vmalert docs + tooltip: '' + type: link + url: https://docs.victoriametrics.com/victoriametrics/vmalert/ +- asDropdown: false + icon: external link + includeVars: false + keepTime: false + tags: [] + targetBlank: true + title: Found a bug? + tooltip: '' + type: link + url: ' https://github.com/VictoriaMetrics/VictoriaMetrics/issues' +- asDropdown: false + icon: external link + includeVars: false + keepTime: false + tags: [] + targetBlank: true + title: New releases + tooltip: '' + type: link + url: ' https://github.com/VictoriaMetrics/VictoriaMetrics/releases' +panels: +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 0 + id: 47 + panels: [] + title: Stats + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows if the last configuration update was successful. "Not Ok" means there was an unsuccessful attempt to update the configuration due to some error. Check the log for details. + fieldConfig: + defaults: + mappings: + - options: + match: 'null' + result: + color: green + index: 0 + text: Ok + type: special + - options: + from: 1 + result: + color: red + index: 1 + text: Not Ok + to: 999999 + type: range + thresholds: + mode: absolute + steps: + - color: green + overrides: [] + gridPos: + h: 3 + w: 4 + x: 0 + 'y': 1 + id: 6 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: count(vmalert_config_last_reload_successful{job=~"$job", instance=~"$instance"} < 1 ) + interval: '' + legendFormat: '' + range: true + refId: A + title: Config update + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the total number of loaded alerting rules across selected instances and groups. + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + overrides: [] + gridPos: + h: 3 + w: 5 + x: 4 + 'y': 1 + id: 9 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: false + expr: count(vmalert_alerting_rules_last_evaluation_samples{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}) + interval: '' + legendFormat: '' + refId: A + title: Alerting rules + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the total number of loaded recording rules across selected instances and groups. + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + overrides: [] + gridPos: + h: 3 + w: 5 + x: 9 + 'y': 1 + id: 7 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: false + expr: count(vmalert_recording_rules_last_evaluation_samples{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}) + interval: '' + legendFormat: '' + refId: A + title: Recording rules + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the total number of errors generated by recording/alerting rules for selected instances and groups. + fieldConfig: + defaults: + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 1 + overrides: [] + gridPos: + h: 3 + w: 5 + x: 14 + 'y': 1 + id: 8 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: "(sum(increase(vmalert_alerting_rules_errors_total{job=~\"$job\", instance=~\"$instance\", group=~\"$group\", file=~\"$file\"}[$__rate_interval]))) + \n(sum(increase(vmalert_recording_rules_errors_total{job=~\"$job\", instance=~\"$instance\", group=~\"$group\", file=~\"$file\"}[$__rate_interval])))" + interval: '' + legendFormat: '' + range: true + refId: A + title: Errors + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows number of Recording Rules which produce no data.\n\n Usually it means that such rules are misconfigured, since they give no output during the evaluation.\nPlease check if rule's expression is correct and it is working as expected." + fieldConfig: + defaults: + mappings: + - options: + match: 'null' + result: + index: 1 + text: '0' + type: special + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 1 + overrides: [] + gridPos: + h: 3 + w: 5 + x: 19 + 'y': 1 + id: 48 + options: + colorMode: value + graphMode: area + justifyMode: auto + orientation: auto + percentChangeColorMode: standard + reduceOptions: + calcs: + - last + fields: '' + values: false + showPercentChange: false + text: {} + textMode: auto + wideLayout: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: count(vmalert_recording_rules_last_evaluation_samples{job=~"$job", instance=~"$instance"} < 1) + interval: '' + legendFormat: '' + range: true + refId: A + title: No data errors + type: stat +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + minWidth: 50 + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Value + properties: + - id: displayName + value: Count + gridPos: + h: 4 + w: 9 + x: 0 + 'y': 4 + id: 45 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vm_app_version{job=~"$job", instance=~"$instance"}) by(job, short_version) + format: table + instant: true + range: false + refId: A + title: '' + type: table +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 4 + w: 15 + x: 9 + 'y': 4 + id: 4 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: right + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: asc + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(min_over_time(up{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job) + format: time_series + instant: false + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Uptime + type: timeseries +- collapsed: false + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 8 + id: 11 + panels: [] + title: Overview ($instance) + type: row +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of fired alerts by job. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 9 + id: 15 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vmalert_alerts_fired_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Alerts fired total ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Top $topk groups by evaluation duration. Shows groups that take the most of time during the evaluation across all instances. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 9 + id: 23 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: "topk($topk, max(sum(\n rate(vmalert_iteration_duration_seconds_sum{job=~\"$job\", instance=~\"$instance\", group=~\"$group\", file=~\"$file\"}[$__rate_interval])\n/\n rate(vmalert_iteration_duration_seconds_count{job=~\"$job\", instance=~\"$instance\", group=~\"$group\", file=~\"$file\"}[$__rate_interval])\n) by(job, instance, group, file)) \nby(job, group, file))" + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Top $topk groups avg evaluation duration ($group) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows how many requests (executions) per second vmalert sends to the configured datasource. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 17 + id: 24 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vmalert_execution_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by (job) + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Rules execution rate ($instance) + type: timeseries +- datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the error rate while executing configured rules. Non-zero value means there are some issues with existing rules. Check the logs to get more details. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 17 + id: 25 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 12.0.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vmalert_execution_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Rules execution errors ($instance) + type: timeseries +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 25 + id: 43 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'The percentage of used RSS memory + + + If you think that usage is abnormal or unexpected, please file an issue and attach memory profile if possible.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 162 + id: 37 + links: + - targetBlank: true + title: Profiling + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#profiling + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Memory usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the CPU usage percentage per vmalert instance. \nIf you think that usage is abnormal or unexpected pls file an issue and attach CPU profile if possible." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 162 + id: 35 + links: + - targetBlank: true + title: Profiling + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#profiling + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: "max(\n rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval]) \n / \n process_cpu_cores_available{job=~\"$job\", instance=~\"$instance\"}\n) by(job)" + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: CPU usage %($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Share for memory allocated by the process itself. When memory usage reaches 100% it will be likely OOM-killed. + + Safe memory usage % considered to be below 80%' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 170 + id: 65 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_anon_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + vm_available_memory_bytes{job=~"$job", instance=~"$instance"} + ) by(instance) + interval: '' + legendFormat: __auto + range: true + refId: A + title: RSS anonymous memory % usage + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the max number of CPU cores used by a `job` and the corresponding limit. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 170 + id: 56 + links: + - targetBlank: true + title: Profiling + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#profiling + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: max(rate(process_cpu_seconds_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + format: time_series + interval: '' + intervalFactor: 1 + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: min(process_cpu_cores_available{job=~"$job", instance=~"$instance"}) by(job) + format: time_series + hide: false + interval: '' + intervalFactor: 1 + legendFormat: limit ({{`{{`}}job{{`}}`}}) + range: true + refId: B + title: CPU usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Amount of used RSS memory + + + If you think that usage is abnormal or unexpected, please file an issue and attach memory profile if possible.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 178 + id: 57 + links: + - targetBlank: true + title: Profiling + url: https://docs.victoriametrics.com/victoriametrics/vmagent/#profiling + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_resident_memory_bytes{job=~"$job", instance=~"$instance"}[$__rate_interval]) + ) by(job) + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}}' + range: true + refId: A + title: Memory usage ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows CPU pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 178 + id: 66 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_cpu_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: CPU pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows memory pressure based on [Pressure Stall Information](https://docs.kernel.org/accounting/psi.html). + + + The lower the better.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 186 + id: 67 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_waiting_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - waiting' + range: true + refId: A + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(process_pressure_memory_stalled_seconds_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + hide: false + interval: '' + intervalFactor: 2 + legendFormat: '{{`{{`}}instance{{`}}`}} - stalled' + range: true + refId: B + title: Memory pressure + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 186 + id: 41 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: none + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(go_goroutines{job=~"$job", instance=~"$instance"}) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Goroutines ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Panel shows the percentage of open file descriptors in the OS. + + Reaching the limit of open files can cause various issues and must be prevented. + + + See how to change limits here https://medium.com/@muhammadtriwibowo/set-permanently-ulimit-n-open-files-in-ubuntu-4d61064429a' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 3 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 194 + id: 39 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: |- + max( + max_over_time(process_open_fds{job=~"$job", instance=~"$instance"}[$__rate_interval]) + / + process_max_fds{job=~"$job", instance=~"$instance"} + ) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Open FDs usage % ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Shows the time goroutines have spent in runnable state before actually running. The lower is better.\n\nHigh values or values exceeding the threshold is usually a sign of insufficient CPU resources or CPU throttling. \n\nVerify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing." + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 0.1 + unit: s + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 194 + id: 61 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: max(histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket{job=~"$job"}[$__rate_interval])) by (job, instance, le))) by(job) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Go scheduling latency + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the percent of CPU spent on garbage collection. + + + If % is high, then CPU usage can be decreased by changing GOGC to higher values. Increasing GOGC value will increase memory usage, and decrease CPU usage. + + + Try searching for keyword `GOGC` at https://docs.victoriametrics.com/victoriametrics/troubleshooting/ ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: percentunit + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 202 + id: 59 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: "max(\n rate(go_gc_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval]) \n / rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\"}[$__rate_interval])\n ) by(job)" + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: CPU spent on GC ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the rate of allocations in memory. Sudden increase in allocations would mean increased pressure on Go Garbage Collector and can saturate CPU resources of the application. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + barWidthFactor: 0.6 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: line + decimals: 0 + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + unit: bytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 210 + id: 64 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + hideZeros: false + mode: multi + sort: desc + pluginVersion: 11.5.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(go_memstats_alloc_bytes_total{job=~"$job"}[$__rate_interval])) by (job, instance) + format: time_series + interval: '' + intervalFactor: 2 + legendFormat: __auto + range: true + refId: A + title: Memory allocations rate + type: timeseries + title: Resource usage + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 26 + id: 62 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: thresholds + custom: + align: auto + cellOptions: + type: auto + inspect: false + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: + - matcher: + id: byName + options: Value + properties: + - id: custom.hidden + value: true + - matcher: + id: byName + options: Time + properties: + - id: custom.hidden + value: true + gridPos: + h: 7 + w: 12 + x: 0 + 'y': 345 + id: 50 + options: + cellHeight: sm + footer: + countRows: false + fields: '' + reducer: + - sum + show: false + showHeader: true + sortBy: + - desc: true + displayName: job + pluginVersion: 10.4.2 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(flag{is_set="true", job=~"$job", instance=~"$instance"}) by(job, instance, name, value) + format: table + instant: true + legendFormat: __auto + range: false + refId: A + title: Non-default flags + transformations: + - id: groupBy + options: + fields: + instance: + aggregations: + - uniqueValues + operation: aggregate + job: + aggregations: [] + operation: groupby + name: + aggregations: [] + operation: groupby + value: + aggregations: [] + operation: groupby + type: table + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: "Missed evaluation means that group evaluation time takes longer than the configured evaluation interval. \nThis may result in missed alerting notifications or recording rules samples. Try increasing evaluation interval or concurrency for such groups. See https://docs.victoriametrics.com/victoriametrics/vmalert/#groups\n\nIf rule expressions are taking longer than expected, please see https://docs.victoriametrics.com/victoriametrics/troubleshooting/#slow-queries.\"" + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: bars + fillOpacity: 10 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 7 + w: 12 + x: 12 + 'y': 345 + id: 58 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vmalert_iteration_missed_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, group, file) > 0 + interval: 1m + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Missed evaluations ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the number of restarts per job. The chart can be useful to identify periodic process restarts and correlate them with potential issues or anomalies. Normally, processes shouldn''t restart unless restart was inited by user. The reason of restarts should be figured out by checking the logs of each specific service. ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + axisSoftMin: 0 + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: stepAfter + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + decimals: 0 + links: [] + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: none + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 352 + id: 63 + options: + legend: + calcs: + - lastNotNull + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.1.0 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(changes(vm_app_start_timestamp{job=~"$job", instance=~"$instance"}[$__rate_interval]) > 0) by(job) + format: time_series + instant: false + legendFormat: '{{`{{`}}job{{`}}`}}' + refId: A + title: Restarts ($job) + type: timeseries + title: Troubleshooting + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 27 + id: 17 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows top $topk current active (firing) alerting rules. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 370 + id: 14 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: topk($topk, sum(vmalert_alerts_firing{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}) by(job, group, file, alertname) > 0) + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}alertname{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Top $topk active alerts ($group) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the events when rule execution resulted into an error. Check the logs for more details. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 370 + id: 13 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vmalert_alerting_rules_errors_total{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}[$__rate_interval])) by(job, group, file, alertname) > 0 + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}alertname{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Errors ($group) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the current pending alerting rules per group. + + By pending means the rule which remains active less than configured `for` parameter.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 378 + id: 20 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Mean + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(vmalert_alerts_pending{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}) by(job, group, file, alertname) > 0 + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}alertname{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Pending ($group) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the error rate for the attempts to send alerts to Alertmanager. If not zero it means there issues on attempt to send notification to Alertmanager and some alerts may be not delivered properly. Check the logs for more details. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 378 + id: 32 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + exemplar: false + expr: sum(rate(vmalert_alerts_send_errors_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(instance, addr) > 0 + interval: '' + legendFormat: '{{`{{`}}instance{{`}}`}} => {{`{{`}}addr{{`}}`}}' + refId: A + title: Errors rate to Alertmanager + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows how many alerts are sent to Alertmanager per second. Only active alerts are sent. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 386 + id: 26 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(rate(vmalert_alerts_sent_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job, addr) > 0 + interval: '' + legendFormat: '{{`{{`}}job{{`}}`}} => {{`{{`}}addr{{`}}`}}' + range: true + refId: A + title: Requests rate to Alertmanager by job ($group) + type: timeseries + title: Alerting rules ($instance) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 28 + id: 28 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the top $topk recording rules which generate the most of [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples). Each generated sample is basically a time series which then ingested into configured remote storage. Rules with high numbers may cause the most pressure on the remote database and become a source of too high cardinality. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 385 + id: 31 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: "topk($topk, \n max(\n sum(vmalert_recording_rules_last_evaluation_samples{job=~\"$job\", instance=~\"$instance\", group=~\"$group\", file=~\"$file\"}) by(job, instance, group, file, recording) > 0\n ) by(job, group, file, recording)\n)" + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}recording{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Top $topk rules by produced samples ($group) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows the rules which do not produce any [samples](https://docs.victoriametrics.com/victoriametrics/keyconcepts/#raw-samples) during the evaluation. Usually it means that such rules are misconfigured, since they give no output during the evaluation. + + Please check if rule''s expression is correct and it is working as expected.' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: true + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 385 + id: 33 + options: + legend: + calcs: + - lastNotNull + - max + - mean + displayMode: table + placement: bottom + showLegend: true + sortBy: Last * + sortDesc: true + tooltip: + mode: multi + sort: desc + pluginVersion: 8.0.3 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: count(vmalert_recording_rules_last_evaluation_samples{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"} < 1) by(job, group, file, recording) + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}recording{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Rules with 0 produced samples ($group) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 393 + id: 30 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: none + pluginVersion: 9.2.6 + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: false + expr: sum(increase(vmalert_recording_rules_errors_total{job=~"$job", instance=~"$instance", group=~"$group", file=~"$file"}[$__rate_interval])) by(job, group, file, recording) > 0 + interval: '' + legendFormat: ({{`{{`}}job{{`}}`}}) {{`{{`}}group{{`}}`}}.{{`{{`}}recording{{`}}`}}({{`{{`}}file{{`}}`}}) + range: true + refId: A + title: Errors ($group) + type: timeseries + title: Recording rules ($instance) + type: row +- collapsed: true + gridPos: + h: 1 + w: 24 + x: 0 + 'y': 29 + id: 55 + panels: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 351 + id: 52 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmalert_remotewrite_sent_rows_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + legendFormat: __auto + range: true + refId: A + title: Datapoints send rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the number of datapoints dropped by vmalert while sending to the configured remote write URL. vmalert performs up to 5 retries before dropping the data. Check vmalert's error logs for the specific error message. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: auto + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + mappings: [] + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 351 + id: 53 + options: + legend: + calcs: [] + displayMode: list + placement: bottom + showLegend: true + tooltip: + mode: single + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + expr: sum(rate(vmalert_remotewrite_dropped_rows_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + legendFormat: __auto + range: true + refId: A + title: Datapoints drop rate ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: 'Shows current number of established connections to remote write endpoints. + + + ' + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: short + overrides: [] + gridPos: + h: 8 + w: 12 + x: 0 + 'y': 378 + id: 54 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(max_over_time(vmalert_remotewrite_conns{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) + interval: '' + legendFormat: __auto + range: true + refId: A + title: Connections ($instance) + type: timeseries + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + description: Shows the global rate for number of written bytes via remote write connections. + fieldConfig: + defaults: + color: + mode: palette-classic + custom: + axisBorderShow: false + axisCenteredZero: false + axisColorMode: text + axisLabel: '' + axisPlacement: auto + barAlignment: 0 + drawStyle: line + fillOpacity: 0 + gradientMode: none + hideFrom: + legend: false + tooltip: false + viz: false + insertNulls: false + lineInterpolation: linear + lineWidth: 1 + pointSize: 5 + scaleDistribution: + type: linear + showPoints: never + spanNulls: false + stacking: + group: A + mode: none + thresholdsStyle: + mode: 'off' + links: [] + mappings: [] + min: 0 + thresholds: + mode: absolute + steps: + - color: green + - color: red + value: 80 + unit: decbytes + overrides: [] + gridPos: + h: 8 + w: 12 + x: 12 + 'y': 378 + id: 60 + options: + legend: + calcs: + - mean + - lastNotNull + - max + displayMode: table + placement: bottom + showLegend: true + tooltip: + mode: multi + sort: desc + targets: + - datasource: + type: {{ $defaultDatasource }} + uid: $ds + editorMode: code + exemplar: true + expr: sum(rate(vmalert_remotewrite_conn_bytes_written_total{job=~"$job", instance=~"$instance"}[$__rate_interval])) by(job) > 0 + interval: '' + legendFormat: __auto + range: true + refId: A + title: Bytes write rate ($instance) + type: timeseries + title: Remote write + type: row +preload: false +refresh: '' +schemaVersion: 41 +tags: +- victoriametrics +- vm-k8s-stack +templating: + list: + - current: + text: VictoriaMetrics - cluster + value: PAF93674D0B4E9963 + includeAll: false + name: ds + options: [] + query: {{ $defaultDatasource }} + refresh: 1 + regex: '' + type: datasource + - current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{version=~"^vmalert.*"}, job) + includeAll: true + multi: true + name: job + options: [] + query: + query: label_values(vm_app_version{version=~"^vmalert.*"}, job) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vm_app_version{job=~"$job"}, instance) + includeAll: true + multi: true + name: instance + options: [] + query: + query: label_values(vm_app_version{job=~"$job"}, instance) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vmalert_iteration_total{job=~"$job", instance=~"$instance"},file) + includeAll: true + multi: true + name: file + options: [] + query: + query: label_values(vmalert_iteration_total{job=~"$job", instance=~"$instance"},file) + refId: PrometheusVariableQueryEditor-VariableQuery + refresh: 1 + regex: '' + type: query + - allValue: .* + current: {} + datasource: + type: prometheus + uid: $ds + definition: label_values(vmalert_iteration_total{job=~"$job", instance=~"$instance"}, group) + includeAll: true + multi: true + name: group + options: [] + query: + query: label_values(vmalert_iteration_total{job=~"$job", instance=~"$instance"}, group) + refId: StandardVariableQuery + refresh: 1 + regex: '' + type: query + - current: + text: '5' + value: '5' + includeAll: false + name: topk + options: + - selected: true + text: '5' + value: '5' + - selected: false + text: '10' + value: '10' + - selected: false + text: '20' + value: '20' + - selected: false + text: '30' + value: '30' + - selected: false + text: '40' + value: '40' + - selected: false + text: '50' + value: '50' + query: 5, 10, 20, 30, 40, 50 + type: custom + - baseFilters: [] + datasource: + type: prometheus + uid: ${ds} + filters: [] + name: filter + type: adhoc +time: + from: now-3h + to: now +timepicker: {} +timezone: {{ default "utc" ($Values.defaultDashboards).defaultTimezone }} +title: VictoriaMetrics - vmalert +uid: LzldHAVnz +version: 1 diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/alertmanager.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/alertmanager.rules.yaml new file mode 100644 index 0000000..8fbf2a5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/alertmanager.rules.yaml @@ -0,0 +1,139 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.alertmanager).enabled }}' +name: alertmanager.rules +rules: +- alert: AlertmanagerFailedReload + annotations: + description: 'Configuration has failed to load for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerfailedreload' + summary: 'Reloading an Alertmanager configuration has failed.' + condition: '{{ true }}' + expr: |- + # Without max_over_time, failed scrapes could create false negatives, see + # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details. + max_over_time(alertmanager_config_last_reload_successful{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[5m]) == 0 + for: 10m + labels: + severity: critical +- alert: AlertmanagerMembersInconsistent + annotations: + description: 'Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} has only found {{`{{`}} $value {{`}}`}} members of the {{`{{`}}$labels.job{{`}}`}} cluster.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagermembersinconsistent' + summary: 'A member of an Alertmanager cluster has not found all other cluster members.' + condition: '{{ true }}' + expr: |- + # Without max_over_time, failed scrapes could create false negatives, see + # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details. + max_over_time(alertmanager_cluster_members{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[5m]) + < on (namespace,service,{{ $groupLabels }}) group_left + count by (namespace,service,{{ $groupLabels }}) (max_over_time(alertmanager_cluster_members{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[5m])) + for: 15m + labels: + severity: critical +- alert: AlertmanagerFailedToSendAlerts + annotations: + description: 'Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} failed to send {{`{{`}} $value | humanizePercentage {{`}}`}} of notifications to {{`{{`}} $labels.integration {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerfailedtosendalerts' + summary: 'An Alertmanager instance failed to send notifications.' + condition: '{{ true }}' + expr: |- + ( + rate(alertmanager_notifications_failed_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[15m]) + / + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[15m]) + ) + > 0.01 + for: 5m + labels: + severity: warning +- alert: AlertmanagerClusterFailedToSendAlerts + annotations: + description: 'The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts' + summary: 'All Alertmanager instances in a cluster failed to send notifications to a critical integration.' + condition: '{{ true }}' + expr: |- + min by (namespace,service,integration,{{ $groupLabels }}) ( + rate(alertmanager_notifications_failed_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}", integration=~`.*`}[15m]) + / + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}", integration=~`.*`}[15m]) + ) + > 0.01 + for: 5m + labels: + severity: critical +- alert: AlertmanagerClusterFailedToSendAlerts + annotations: + description: 'The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts' + summary: 'All Alertmanager instances in a cluster failed to send notifications to a non-critical integration.' + condition: '{{ true }}' + expr: |- + min by (namespace,service,integration,{{ $groupLabels }}) ( + rate(alertmanager_notifications_failed_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}", integration!~`.*`}[15m]) + / + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}", integration!~`.*`}[15m]) + ) + > 0.01 + for: 5m + labels: + severity: warning +- alert: AlertmanagerConfigInconsistent + annotations: + description: 'Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have different configurations.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerconfiginconsistent' + summary: 'Alertmanager instances within the same cluster have different configurations.' + condition: '{{ true }}' + expr: |- + count by (namespace,service,{{ $groupLabels }}) ( + count_values by (namespace,service,{{ $groupLabels }}) ("config_hash", alertmanager_config_hash{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}) + ) + != 1 + for: 20m + labels: + severity: critical +- alert: AlertmanagerClusterDown + annotations: + description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have been up for less than half of the last 5m.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerclusterdown' + summary: 'Half or more of the Alertmanager instances within the same cluster are down.' + condition: '{{ true }}' + expr: |- + ( + count by (namespace,service,{{ $groupLabels }}) ( + avg_over_time(up{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[5m]) < 0.5 + ) + / + count by (namespace,service,{{ $groupLabels }}) ( + up{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"} + ) + ) + >= 0.5 + for: 5m + labels: + severity: critical +- alert: AlertmanagerClusterCrashlooping + annotations: + description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have restarted at least 5 times in the last 10m.' + runbook_url: '{{ $runbookUrl }}/alertmanager/alertmanagerclustercrashlooping' + summary: 'Half or more of the Alertmanager instances within the same cluster are crashlooping.' + condition: '{{ true }}' + expr: |- + ( + count by (namespace,service,{{ $groupLabels }}) ( + changes(process_start_time_seconds{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"}[10m]) > 4 + ) + / + count by (namespace,service,{{ $groupLabels }}) ( + up{job="{{ include "vm-k8s-stack.alertmanager.name" . }}",namespace="{{ include "vm.namespace" . }}"} + ) + ) + >= 0.5 + for: 5m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/etcd.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/etcd.yaml new file mode 100644 index 0000000..b867da4 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/etcd.yaml @@ -0,0 +1,171 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeEtcd).enabled }}' +name: etcd +rules: +- alert: etcdMembersDown + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": members are down ({{`{{`}} $value {{`}}`}}).' + summary: 'etcd cluster members are down.' + condition: '{{ true }}' + expr: |- + max without (endpoint) ( + sum without (instance) (up{job=~".*etcd.*"} == bool 0) + or + count without (To) ( + sum without (instance) (rate(etcd_network_peer_sent_failures_total{job=~".*etcd.*"}[120s])) > 0.01 + ) + ) + > 0 + for: 20m + labels: + severity: warning +- alert: etcdInsufficientMembers + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": insufficient members ({{`{{`}} $value {{`}}`}}).' + summary: 'etcd cluster has insufficient number of members.' + condition: '{{ true }}' + expr: sum(up{job=~".*etcd.*"} == bool 1) without (instance) < ((count(up{job=~".*etcd.*"}) without (instance) + 1) / 2) + for: 3m + labels: + severity: critical +- alert: etcdNoLeader + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member {{`{{`}} $labels.instance {{`}}`}} has no leader.' + summary: 'etcd cluster has no leader.' + condition: '{{ true }}' + expr: etcd_server_has_leader{job=~".*etcd.*"} == 0 + for: 1m + labels: + severity: critical +- alert: etcdHighNumberOfLeaderChanges + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} leader changes within the last 15 minutes. Frequent elections may be a sign of insufficient resources, high network latency, or disruptions by other components and should be investigated.' + summary: 'etcd cluster has high number of leader changes.' + condition: '{{ true }}' + expr: increase((max without (instance) (etcd_server_leader_changes_seen_total{job=~".*etcd.*"}) or 0*absent(etcd_server_leader_changes_seen_total{job=~".*etcd.*"}))[15m:1m]) >= 4 + for: 5m + labels: + severity: warning +- alert: etcdHighNumberOfFailedGRPCRequests + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster has high number of failed grpc requests.' + condition: '{{ true }}' + expr: |- + 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code) + / + sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code) + > 1 + for: 10m + labels: + severity: warning +- alert: etcdHighNumberOfFailedGRPCRequests + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster has high number of failed grpc requests.' + condition: '{{ true }}' + expr: |- + 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code) + / + sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code) + > 5 + for: 5m + labels: + severity: critical +- alert: etcdGRPCRequestsSlow + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile of gRPC requests is {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}} for {{`{{`}} $labels.grpc_method {{`}}`}} method.' + summary: 'etcd grpc requests are slow' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job=~".*etcd.*", grpc_method!="Defragment", grpc_type="unary"}[5m])) without(grpc_type)) + > 0.15 + for: 10m + labels: + severity: critical +- alert: etcdMemberCommunicationSlow + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member communication with {{`{{`}} $labels.To {{`}}`}} is taking {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster member communication is slow.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.15 + for: 10m + labels: + severity: warning +- alert: etcdHighNumberOfFailedProposals + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} proposal failures within the last 30 minutes on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster has high number of proposal failures.' + condition: '{{ true }}' + expr: rate(etcd_server_proposals_failed_total{job=~".*etcd.*"}[15m]) > 5 + for: 15m + labels: + severity: warning +- alert: etcdHighFsyncDurations + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster 99th percentile fsync durations are too high.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.5 + for: 10m + labels: + severity: warning +- alert: etcdHighFsyncDurations + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster 99th percentile fsync durations are too high.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m])) + > 1 + for: 10m + labels: + severity: critical +- alert: etcdHighCommitDurations + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile commit durations {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' + summary: 'etcd cluster 99th percentile commit durations are too high.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.25 + for: 10m + labels: + severity: warning +- alert: etcdDatabaseQuotaLowSpace + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size exceeds the defined quota on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please defrag or increase the quota as the writes to etcd will be disabled when it is full.' + summary: 'etcd cluster database is running full.' + condition: '{{ true }}' + expr: (last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_server_quota_backend_bytes{job=~".*etcd.*"}[5m]))*100 > 95 + for: 10m + labels: + severity: critical +- alert: etcdExcessiveDatabaseGrowth + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": Predicting running out of disk space in the next four hours, based on write observations within the past four hours on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please check as it might be disruptive.' + summary: 'etcd cluster database growing very fast.' + condition: '{{ true }}' + expr: predict_linear(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[4h], 4*60*60) > etcd_server_quota_backend_bytes{job=~".*etcd.*"} + for: 10m + labels: + severity: warning +- alert: etcdDatabaseHighFragmentationRatio + annotations: + description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size in use on instance {{`{{`}} $labels.instance {{`}}`}} is {{`{{`}} $value | humanizePercentage {{`}}`}} of the actual allocated disk space, please run defragmentation (e.g. etcdctl defrag) to retrieve the unused fragmented disk space.' + runbook_url: 'https://etcd.io/docs/v3.5/op-guide/maintenance/#defragmentation' + summary: 'etcd database size in use is less than 50% of the actual allocated storage.' + condition: '{{ true }}' + expr: (last_over_time(etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m])) < 0.5 and etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"} > 104857600 + for: 10m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/general.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/general.rules.yaml new file mode 100644 index 0000000..08ca3b7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/general.rules.yaml @@ -0,0 +1,59 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: general.rules +rules: +- alert: TargetDown + annotations: + description: '{{`{{`}} printf "%.4g" $value {{`}}`}}% of the {{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.service {{`}}`}} targets in {{`{{`}} $labels.namespace {{`}}`}} namespace are down.' + runbook_url: '{{ $runbookUrl }}/general/targetdown' + summary: 'One or more targets are unreachable.' + condition: '{{ true }}' + expr: 100 * (count(up == 0) BY (job,namespace,service,{{ $groupLabels }}) / count(up) BY (job,namespace,service,{{ $groupLabels }})) > 10 + for: 10m + labels: + severity: warning +- alert: Watchdog + annotations: + description: 'This is an alert meant to ensure that the entire alerting pipeline is functional. + + This alert is always firing, therefore it should always be firing in Alertmanager + + and always fire against a receiver. There are integrations with various notification + + mechanisms that send a notification when this alert is not firing. For example the + + "DeadMansSnitch" integration in PagerDuty. + + ' + runbook_url: '{{ $runbookUrl }}/general/watchdog' + summary: 'An alert that should always be firing to certify that Alertmanager is working properly.' + condition: '{{ true }}' + expr: vector(1) + labels: + severity: none +- alert: InfoInhibitor + annotations: + description: 'This is an alert that is used to inhibit info alerts. + + By themselves, the info-level alerts are sometimes very noisy, but they are relevant when combined with + + other alerts. + + This alert fires whenever there''s a severity="info" alert, and stops firing when another alert with a + + severity of ''warning'' or ''critical'' starts firing on the same namespace. + + This alert should be routed to a null receiver and configured to inhibit alerts with severity="info". + + ' + runbook_url: '{{ $runbookUrl }}/general/infoinhibitor' + summary: 'Info-level alert inhibition.' + condition: '{{ true }}' + expr: ALERTS{severity = "info"} == 1 unless on (namespace,{{ $groupLabels }}) ALERTS{alertname != "InfoInhibitor", severity =~ "warning|critical", alertstate="firing"} == 1 + labels: + severity: none diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_limits.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_limits.yaml new file mode 100644 index 0000000..a4883a7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_limits.yaml @@ -0,0 +1,28 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_cpu_limits +rules: +- condition: '{{ true }}' + expr: |- + kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"} * on (namespace,pod,{{ $groupLabels }}) + group_left() max by (namespace,pod,{{ $groupLabels }}) ( + (kube_pod_status_phase{phase=~"Pending|Running"} == 1) + ) + record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits +- condition: '{{ true }}' + expr: |- + sum by (namespace,{{ $groupLabels }}) ( + sum by (namespace,pod,{{ $groupLabels }}) ( + max by (namespace,pod,container,{{ $groupLabels }}) ( + kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"} + ) * on (namespace,pod,{{ $groupLabels }}) group_left() max by (namespace,pod,{{ $groupLabels }}) ( + kube_pod_status_phase{phase=~"Pending|Running"} == 1 + ) + ) + ) + record: namespace_cpu:kube_pod_container_resource_limits:sum diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_requests.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_requests.yaml new file mode 100644 index 0000000..9acf217 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_requests.yaml @@ -0,0 +1,28 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_cpu_requests +rules: +- condition: '{{ true }}' + expr: |- + kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"} * on (namespace,pod,{{ $groupLabels }}) + group_left() max by (namespace,pod,{{ $groupLabels }}) ( + (kube_pod_status_phase{phase=~"Pending|Running"} == 1) + ) + record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests +- condition: '{{ true }}' + expr: |- + sum by (namespace,{{ $groupLabels }}) ( + sum by (namespace,pod,{{ $groupLabels }}) ( + max by (namespace,pod,container,{{ $groupLabels }}) ( + kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"} + ) * on (namespace,pod,{{ $groupLabels }}) group_left() max by (namespace,pod,{{ $groupLabels }}) ( + kube_pod_status_phase{phase=~"Pending|Running"} == 1 + ) + ) + ) + record: namespace_cpu:kube_pod_container_resource_requests:sum diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_usage_seconds_total.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_usage_seconds_total.yaml new file mode 100644 index 0000000..3df305e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_cpu_usage_seconds_total.yaml @@ -0,0 +1,25 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_cpu_usage_seconds_total +rules: +- condition: '{{ true }}' + expr: |- + sum by (namespace,pod,container,{{ $groupLabels }}) ( + rate(container_cpu_usage_seconds_total{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}[5m]) + ) * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) ( + 1, max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_rate5m +- condition: '{{ true }}' + expr: |- + sum by (namespace,pod,container,{{ $groupLabels }}) ( + irate(container_cpu_usage_seconds_total{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}[5m]) + ) * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) ( + 1, max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_cache.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_cache.yaml new file mode 100644 index 0000000..2effe98 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_cache.yaml @@ -0,0 +1,16 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_cache +rules: +- condition: '{{ true }}' + expr: |- + container_memory_cache{job="kubelet", metrics_path="/metrics/cadvisor", image!=""} + * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) (1, + max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_memory_cache diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_limits.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_limits.yaml new file mode 100644 index 0000000..3e19055 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_limits.yaml @@ -0,0 +1,28 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_limits +rules: +- condition: '{{ true }}' + expr: |- + kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"} * on (namespace,pod,{{ $groupLabels }}) + group_left() max by (namespace,pod,{{ $groupLabels }}) ( + (kube_pod_status_phase{phase=~"Pending|Running"} == 1) + ) + record: cluster:namespace:pod_memory:active:kube_pod_container_resource_limits +- condition: '{{ true }}' + expr: |- + sum by (namespace,{{ $groupLabels }}) ( + sum by (namespace,pod,{{ $groupLabels }}) ( + max by (namespace,pod,container,{{ $groupLabels }}) ( + kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"} + ) * on (namespace,pod,{{ $groupLabels }}) group_left() max by (namespace,pod,{{ $groupLabels }}) ( + kube_pod_status_phase{phase=~"Pending|Running"} == 1 + ) + ) + ) + record: namespace_memory:kube_pod_container_resource_limits:sum diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_requests.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_requests.yaml new file mode 100644 index 0000000..bf93418 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_requests.yaml @@ -0,0 +1,28 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_requests +rules: +- condition: '{{ true }}' + expr: |- + kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"} * on (namespace,pod,{{ $groupLabels }}) + group_left() max by (namespace,pod,{{ $groupLabels }}) ( + (kube_pod_status_phase{phase=~"Pending|Running"} == 1) + ) + record: cluster:namespace:pod_memory:active:kube_pod_container_resource_requests +- condition: '{{ true }}' + expr: |- + sum by (namespace,{{ $groupLabels }}) ( + sum by (namespace,pod,{{ $groupLabels }}) ( + max by (namespace,pod,container,{{ $groupLabels }}) ( + kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"} + ) * on (namespace,pod,{{ $groupLabels }}) group_left() max by (namespace,pod,{{ $groupLabels }}) ( + kube_pod_status_phase{phase=~"Pending|Running"} == 1 + ) + ) + ) + record: namespace_memory:kube_pod_container_resource_requests:sum diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_rss.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_rss.yaml new file mode 100644 index 0000000..d946fff --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_rss.yaml @@ -0,0 +1,16 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_rss +rules: +- condition: '{{ true }}' + expr: |- + container_memory_rss{job="kubelet", metrics_path="/metrics/cadvisor", image!=""} + * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) (1, + max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_memory_rss diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_swap.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_swap.yaml new file mode 100644 index 0000000..3b89472 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_swap.yaml @@ -0,0 +1,16 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_swap +rules: +- condition: '{{ true }}' + expr: |- + container_memory_swap{job="kubelet", metrics_path="/metrics/cadvisor", image!=""} + * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) (1, + max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_memory_swap diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_working_set_bytes.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_working_set_bytes.yaml new file mode 100644 index 0000000..2d19ff2 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.container_memory_working_set_bytes.yaml @@ -0,0 +1,16 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.container_memory_working_set_bytes +rules: +- condition: '{{ true }}' + expr: |- + container_memory_working_set_bytes{job="kubelet", metrics_path="/metrics/cadvisor", image!=""} + * on (namespace,pod,{{ $groupLabels }}) group_left(node) topk by (namespace,pod,{{ $groupLabels }}) (1, + max by (namespace,pod,node,{{ $groupLabels }}) (kube_pod_info{node!=""}) + ) + record: node_namespace_pod_container:container_memory_working_set_bytes diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.pod_owner.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.pod_owner.yaml new file mode 100644 index 0000000..1f10e0f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/k8s.rules.pod_owner.yaml @@ -0,0 +1,108 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: k8s.rules.pod_owner +rules: +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="ReplicaSet"}, + "replicaset", "$1", "owner_name", "(.*)" + ) * on (replicaset,namespace,{{ $groupLabels }}) group_left(owner_name) topk by (replicaset,namespace,{{ $groupLabels }}) ( + 1, max by (replicaset,namespace,owner_name,{{ $groupLabels }}) ( + kube_replicaset_owner{job="kube-state-metrics", owner_kind=""} + ) + ), + "workload", "$1", "replicaset", "(.*)" + ) + ) + labels: + workload_type: replicaset + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="ReplicaSet"}, + "replicaset", "$1", "owner_name", "(.*)" + ) * on (replicaset,namespace,{{ $groupLabels }}) group_left(owner_name) topk by (replicaset,namespace,{{ $groupLabels }}) ( + 1, max by (replicaset,namespace,owner_name,{{ $groupLabels }}) ( + kube_replicaset_owner{job="kube-state-metrics", owner_kind="Deployment"} + ) + ), + "workload", "$1", "owner_name", "(.*)" + ) + ) + labels: + workload_type: deployment + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="DaemonSet"}, + "workload", "$1", "owner_name", "(.*)" + ) + ) + labels: + workload_type: daemonset + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="StatefulSet"}, + "workload", "$1", "owner_name", "(.*)") + ) + labels: + workload_type: statefulset + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + group by (namespace,workload,pod,{{ $groupLabels }}) ( + label_join( + group by (namespace,job_name,pod,owner_name,{{ $groupLabels }}) ( + label_join( + kube_pod_owner{job="kube-state-metrics", owner_kind="Job"} + , "job_name", "", "owner_name") + ) + * on (namespace,job_name,{{ $groupLabels }}) group_left() + group by (namespace,job_name,{{ $groupLabels }}) ( + kube_job_owner{job="kube-state-metrics", owner_kind=~"Pod|"} + ) + , "workload", "", "owner_name") + ) + labels: + workload_type: job + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="", owner_name=""}, + "workload", "$1", "pod", "(.+)") + ) + labels: + workload_type: barepod + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: |- + max by (namespace,workload,pod,{{ $groupLabels }}) ( + label_replace( + kube_pod_owner{job="kube-state-metrics", owner_kind="Node"}, + "workload", "$1", "pod", "(.+)") + ) + labels: + workload_type: staticpod + record: namespace_workload_pod:kube_pod_owner:relabel +- condition: '{{ true }}' + expr: "group by (namespace,workload,workload_type,pod,{{ $groupLabels }}) (\n label_join(\n label_join(\n group by (namespace,job_name,pod,{{ $groupLabels }}) (\n label_join(\n kube_pod_owner{job=\"kube-state-metrics\", owner_kind=\"Job\"}\n , \"job_name\", \"\", \"owner_name\")\n )\n * on (namespace,job_name,{{ $groupLabels }}) group_left(owner_kind, owner_name)\n group by (namespace,job_name,owner_kind,owner_name,{{ $groupLabels }}) (\n kube_job_owner{job=\"kube-state-metrics\", owner_kind!=\"Pod\", owner_kind!=\"\"}\n )\n , \"workload\", \"\", \"owner_name\")\n , \"workload_type\", \"\", \"owner_kind\")\n \n OR\n\n label_replace(\n label_replace(\n label_replace(\n kube_pod_owner{job=\"kube-state-metrics\", owner_kind=\"ReplicaSet\"}\n , \"replicaset\", \"$1\", \"owner_name\", \"(.+)\"\n )\n * on (namespace,replicaset,{{ $groupLabels }}) group_left(owner_kind, owner_name)\n group by (cluster, namespace, replicaset, owner_kind,\ + \ owner_name) (\n kube_replicaset_owner{job=\"kube-state-metrics\", owner_kind!=\"Deployment\", owner_kind!=\"\"}\n )\n , \"workload\", \"$1\", \"owner_name\", \"(.+)\")\n OR\n label_replace(\n group by (namespace,pod,owner_name,owner_kind,{{ $groupLabels }}) (\n kube_pod_owner{job=\"kube-state-metrics\", owner_kind!=\"ReplicaSet\", owner_kind!=\"DaemonSet\", owner_kind!=\"StatefulSet\", owner_kind!=\"Job\", owner_kind!=\"Node\", owner_kind!=\"\"}\n )\n , \"workload\", \"$1\", \"owner_name\", \"(.+)\"\n )\n , \"workload_type\", \"$1\", \"owner_kind\", \"(.+)\")\n)" + record: namespace_workload_pod:kube_pod_owner:relabel diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-availability.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-availability.rules.yaml new file mode 100644 index 0000000..86127ca --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-availability.rules.yaml @@ -0,0 +1,126 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeApiServer).enabled }}' +interval: 3m +name: kube-apiserver-availability.rules +rules: +- condition: '{{ true }}' + expr: avg_over_time(code_verb:apiserver_request_total:increase1h[30d]) * 24 * 30 + record: code_verb:apiserver_request_total:increase30d +- condition: '{{ true }}' + expr: sum by (code,{{ $groupLabels }}) (code_verb:apiserver_request_total:increase30d{verb=~"LIST|GET"}) + labels: + verb: read + record: code:apiserver_request_total:increase30d +- condition: '{{ true }}' + expr: sum by (code,{{ $groupLabels }}) (code_verb:apiserver_request_total:increase30d{verb=~"POST|PUT|PATCH|DELETE"}) + labels: + verb: write + record: code:apiserver_request_total:increase30d +- condition: '{{ true }}' + expr: sum by (verb,scope,le,{{ $groupLabels }}) (increase(apiserver_request_sli_duration_seconds_bucket[1h])) + record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h +- condition: '{{ true }}' + expr: sum by (verb,scope,le,{{ $groupLabels }}) (avg_over_time(cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h[30d]) * 24 * 30) + record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d +- condition: '{{ true }}' + expr: sum by (verb,scope,{{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h{le="+Inf"}) + record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase1h +- condition: '{{ true }}' + expr: sum by (verb,scope,{{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{le="+Inf"}) + record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d +- condition: '{{ true }}' + expr: |- + 1 - ( + ( + # write too slow + sum by ({{ $groupLabels }}) (cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"}) + - + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le=~"1(\\.0)?"} or vector(0)) + ) + + ( + # read too slow + sum by ({{ $groupLabels }}) (cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d{verb=~"LIST|GET"}) + - + ( + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le=~"1(\\.0)?"} or vector(0)) + + + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le=~"5(\\.0)?"} or vector(0)) + + + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le=~"30(\\.0)?"} or vector(0)) + ) + ) + + # errors + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d{code=~"5.."} or vector(0)) + ) + / + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d) + labels: + verb: all + record: apiserver_request:availability30d +- condition: '{{ true }}' + expr: |- + 1 - ( + sum by ({{ $groupLabels }}) (cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d{verb=~"LIST|GET"}) + - + ( + # too slow + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le=~"1(\\.0)?"} or vector(0)) + + + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le=~"5(\\.0)?"} or vector(0)) + + + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le=~"30(\\.0)?"} or vector(0)) + ) + + + # errors + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d{verb="read",code=~"5.."} or vector(0)) + ) + / + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d{verb="read"}) + labels: + verb: read + record: apiserver_request:availability30d +- condition: '{{ true }}' + expr: |- + 1 - ( + ( + # too slow + sum by ({{ $groupLabels }}) (cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"}) + - + sum by ({{ $groupLabels }}) (cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le=~"1(\\.0)?"} or vector(0)) + ) + + + # errors + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d{verb="write",code=~"5.."} or vector(0)) + ) + / + sum by ({{ $groupLabels }}) (code:apiserver_request_total:increase30d{verb="write"}) + labels: + verb: write + record: apiserver_request:availability30d +- condition: '{{ true }}' + expr: sum by (code,resource,{{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m])) + labels: + verb: read + record: code_resource:apiserver_request_total:rate5m +- condition: '{{ true }}' + expr: sum by (code,resource,{{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m])) + labels: + verb: write + record: code_resource:apiserver_request_total:rate5m +- condition: '{{ true }}' + expr: sum by (code,verb,{{ $groupLabels }}) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"2.."}[1h])) + record: code_verb:apiserver_request_total:increase1h +- condition: '{{ true }}' + expr: sum by (code,verb,{{ $groupLabels }}) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"3.."}[1h])) + record: code_verb:apiserver_request_total:increase1h +- condition: '{{ true }}' + expr: sum by (code,verb,{{ $groupLabels }}) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"4.."}[1h])) + record: code_verb:apiserver_request_total:increase1h +- condition: '{{ true }}' + expr: sum by (code,verb,{{ $groupLabels }}) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"5.."}[1h])) + record: code_verb:apiserver_request_total:increase1h diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-burnrate.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-burnrate.rules.yaml new file mode 100644 index 0000000..306b42e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-burnrate.rules.yaml @@ -0,0 +1,324 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeApiServer).enabled }}' +name: kube-apiserver-burnrate.rules +rules: +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1d])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[1d])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[1d])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[1d])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1d])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1d])) + labels: + verb: read + record: apiserver_request:burnrate1d +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1h])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[1h])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[1h])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[1h])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1h])) + labels: + verb: read + record: apiserver_request:burnrate1h +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[2h])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[2h])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[2h])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[2h])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[2h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[2h])) + labels: + verb: read + record: apiserver_request:burnrate2h +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[30m])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[30m])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[30m])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[30m])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[30m])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[30m])) + labels: + verb: read + record: apiserver_request:burnrate30m +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[3d])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[3d])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[3d])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[3d])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[3d])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[3d])) + labels: + verb: read + record: apiserver_request:burnrate3d +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[5m])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[5m])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[5m])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[5m])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m])) + labels: + verb: read + record: apiserver_request:burnrate5m +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[6h])) + - + ( + ( + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le=~"1(\\.0)?"}[6h])) + or + vector(0) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le=~"5(\\.0)?"}[6h])) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le=~"30(\\.0)?"}[6h])) + ) + ) + + + # errors + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[6h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[6h])) + labels: + verb: read + record: apiserver_request:burnrate6h +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1d])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[1d])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1d])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1d])) + labels: + verb: write + record: apiserver_request:burnrate1d +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1h])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[1h])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1h])) + labels: + verb: write + record: apiserver_request:burnrate1h +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[2h])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[2h])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[2h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[2h])) + labels: + verb: write + record: apiserver_request:burnrate2h +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[30m])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[30m])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[30m])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[30m])) + labels: + verb: write + record: apiserver_request:burnrate30m +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[3d])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[3d])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[3d])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[3d])) + labels: + verb: write + record: apiserver_request:burnrate3d +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[5m])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[5m])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m])) + labels: + verb: write + record: apiserver_request:burnrate5m +- condition: '{{ true }}' + expr: |- + ( + ( + # too slow + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[6h])) + - + sum by ({{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le=~"1(\\.0)?"}[6h])) + ) + + + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[6h])) + ) + / + sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[6h])) + labels: + verb: write + record: apiserver_request:burnrate6h diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-histogram.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-histogram.rules.yaml new file mode 100644 index 0000000..2c74c3a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-histogram.rules.yaml @@ -0,0 +1,21 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeApiServer).enabled }}' +name: kube-apiserver-histogram.rules +rules: +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum by (le,resource,{{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0 + labels: + quantile: '0.99' + verb: read + record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum by (le,resource,{{ $groupLabels }}) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0 + labels: + quantile: '0.99' + verb: write + record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-slos.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-slos.yaml new file mode 100644 index 0000000..34c5a96 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-apiserver-slos.yaml @@ -0,0 +1,69 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeApiServer).enabled }}' +name: kube-apiserver-slos +rules: +- alert: KubeAPIErrorBudgetBurn + annotations: + description: 'The API server is burning too much error budget on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapierrorbudgetburn' + summary: 'The API server is burning too much error budget.' + condition: '{{ true }}' + expr: |- + sum by ({{ $groupLabels }}) (apiserver_request:burnrate1h) > (14.40 * 0.01000) + and on ({{ $groupLabels }}) + sum by ({{ $groupLabels }}) (apiserver_request:burnrate5m) > (14.40 * 0.01000) + for: 2m + labels: + long: 1h + severity: critical + short: 5m +- alert: KubeAPIErrorBudgetBurn + annotations: + description: 'The API server is burning too much error budget on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapierrorbudgetburn' + summary: 'The API server is burning too much error budget.' + condition: '{{ true }}' + expr: |- + sum by ({{ $groupLabels }}) (apiserver_request:burnrate6h) > (6.00 * 0.01000) + and on ({{ $groupLabels }}) + sum by ({{ $groupLabels }}) (apiserver_request:burnrate30m) > (6.00 * 0.01000) + for: 15m + labels: + long: 6h + severity: critical + short: 30m +- alert: KubeAPIErrorBudgetBurn + annotations: + description: 'The API server is burning too much error budget on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapierrorbudgetburn' + summary: 'The API server is burning too much error budget.' + condition: '{{ true }}' + expr: |- + sum by ({{ $groupLabels }}) (apiserver_request:burnrate1d) > (3.00 * 0.01000) + and on ({{ $groupLabels }}) + sum by ({{ $groupLabels }}) (apiserver_request:burnrate2h) > (3.00 * 0.01000) + for: 1h + labels: + long: 1d + severity: warning + short: 2h +- alert: KubeAPIErrorBudgetBurn + annotations: + description: 'The API server is burning too much error budget on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapierrorbudgetburn' + summary: 'The API server is burning too much error budget.' + condition: '{{ true }}' + expr: |- + sum by ({{ $groupLabels }}) (apiserver_request:burnrate3d) > (1.00 * 0.01000) + and on ({{ $groupLabels }}) + sum by ({{ $groupLabels }}) (apiserver_request:burnrate6h) > (1.00 * 0.01000) + for: 3h + labels: + long: 3d + severity: warning + short: 6h diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-general.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-general.rules.yaml new file mode 100644 index 0000000..11c6bef --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-general.rules.yaml @@ -0,0 +1,15 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kube-prometheus-general.rules +rules: +- condition: '{{ true }}' + expr: count without(instance, pod, node) (up == 1) + record: count:up1 +- condition: '{{ true }}' + expr: count without(instance, pod, node) (up == 0) + record: count:up0 diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-node-recording.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-node-recording.rules.yaml new file mode 100644 index 0000000..f541880 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-prometheus-node-recording.rules.yaml @@ -0,0 +1,27 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kube-prometheus-node-recording.rules +rules: +- condition: '{{ true }}' + expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[3m])) BY (instance,{{ $groupLabels }}) + record: instance:node_cpu:rate:sum +- condition: '{{ true }}' + expr: sum(rate(node_network_receive_bytes_total[3m])) BY (instance,{{ $groupLabels }}) + record: instance:node_network_receive_bytes:rate:sum +- condition: '{{ true }}' + expr: sum(rate(node_network_transmit_bytes_total[3m])) BY (instance,{{ $groupLabels }}) + record: instance:node_network_transmit_bytes:rate:sum +- condition: '{{ true }}' + expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m])) WITHOUT (cpu, mode) / ON (instance,{{ $groupLabels }}) GROUP_LEFT() count(sum(node_cpu_seconds_total) BY (instance,cpu,{{ $groupLabels }})) BY (instance,{{ $groupLabels }}) + record: instance:node_cpu:ratio +- condition: '{{ true }}' + expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m])) BY ({{ $groupLabels }}) + record: cluster:node_cpu:sum_rate5m +- condition: '{{ true }}' + expr: cluster:node_cpu:sum_rate5m / count(sum(node_cpu_seconds_total) BY (instance,cpu,{{ $groupLabels }})) BY ({{ $groupLabels }}) + record: cluster:node_cpu:ratio diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-scheduler.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-scheduler.rules.yaml new file mode 100644 index 0000000..aecc8bc --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-scheduler.rules.yaml @@ -0,0 +1,54 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeScheduler).enabled }}' +name: kube-scheduler.rules +rules: +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.9, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.9, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.9, sum(rate(scheduler_binding_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.5, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.5, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.5, sum(rate(scheduler_binding_duration_seconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-state-metrics.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-state-metrics.yaml new file mode 100644 index 0000000..27f9733 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kube-state-metrics.yaml @@ -0,0 +1,61 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kube-state-metrics +rules: +- alert: KubeStateMetricsListErrors + annotations: + description: 'kube-state-metrics is experiencing errors at an elevated rate in list operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.' + runbook_url: '{{ $runbookUrl }}/kube-state-metrics/kubestatemetricslisterrors' + summary: 'kube-state-metrics is experiencing errors in list operations.' + condition: '{{ true }}' + expr: |- + (sum(rate(kube_state_metrics_list_total{job="kube-state-metrics",result="error"}[5m])) by ({{ $groupLabels }}) + / + sum(rate(kube_state_metrics_list_total{job="kube-state-metrics"}[5m])) by ({{ $groupLabels }})) + > 0.01 + for: 15m + labels: + severity: critical +- alert: KubeStateMetricsWatchErrors + annotations: + description: 'kube-state-metrics is experiencing errors at an elevated rate in watch operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.' + runbook_url: '{{ $runbookUrl }}/kube-state-metrics/kubestatemetricswatcherrors' + summary: 'kube-state-metrics is experiencing errors in watch operations.' + condition: '{{ true }}' + expr: |- + (sum(rate(kube_state_metrics_watch_total{job="kube-state-metrics",result="error"}[5m])) by ({{ $groupLabels }}) + / + sum(rate(kube_state_metrics_watch_total{job="kube-state-metrics"}[5m])) by ({{ $groupLabels }})) + > 0.01 + for: 15m + labels: + severity: critical +- alert: KubeStateMetricsShardingMismatch + annotations: + description: 'kube-state-metrics pods are running with different --total-shards configuration, some Kubernetes objects may be exposed multiple times or not exposed at all.' + runbook_url: '{{ $runbookUrl }}/kube-state-metrics/kubestatemetricsshardingmismatch' + summary: 'kube-state-metrics sharding is misconfigured.' + condition: '{{ true }}' + expr: stdvar (kube_state_metrics_total_shards{job="kube-state-metrics"}) by ({{ $groupLabels }}) != 0 + for: 15m + labels: + severity: critical +- alert: KubeStateMetricsShardsMissing + annotations: + description: 'kube-state-metrics shards are missing, some Kubernetes objects are not being exposed.' + runbook_url: '{{ $runbookUrl }}/kube-state-metrics/kubestatemetricsshardsmissing' + summary: 'kube-state-metrics shards are missing.' + condition: '{{ true }}' + expr: |- + 2^max(kube_state_metrics_total_shards{job="kube-state-metrics"}) by ({{ $groupLabels }}) - 1 + - + sum( 2 ^ max by (shard_ordinal,{{ $groupLabels }}) (kube_state_metrics_shard_ordinal{job="kube-state-metrics"}) ) by ({{ $groupLabels }}) + != 0 + for: 15m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubelet.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubelet.rules.yaml new file mode 100644 index 0000000..c90d3d7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubelet.rules.yaml @@ -0,0 +1,24 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubelet).enabled }}' +name: kubelet.rules +rules: +- condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by (instance,le,{{ $groupLabels }}) * on (instance,{{ $groupLabels }}) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"}) + labels: + quantile: '0.99' + record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.9, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by (instance,le,{{ $groupLabels }}) * on (instance,{{ $groupLabels }}) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"}) + labels: + quantile: '0.9' + record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile +- condition: '{{ true }}' + expr: histogram_quantile(0.5, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by (instance,le,{{ $groupLabels }}) * on (instance,{{ $groupLabels }}) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"}) + labels: + quantile: '0.5' + record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-apps.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-apps.yaml new file mode 100644 index 0000000..6565806 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-apps.yaml @@ -0,0 +1,279 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-apps +rules: +- alert: KubePodCrashLooping + annotations: + description: 'Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} ({{`{{`}} $labels.container {{`}}`}}) is in waiting state (reason: "CrashLoopBackOff") on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepodcrashlooping' + summary: 'Pod is crash looping.' + condition: '{{ true }}' + expr: max_over_time(kube_pod_container_status_waiting_reason{reason="CrashLoopBackOff", job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[5m]) >= 1 + for: 15m + labels: + severity: warning +- alert: KubePodNotReady + annotations: + description: 'Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} has been in a non-ready state for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepodnotready' + summary: 'Pod has been in a non-ready state for more than 15 minutes.' + condition: '{{ true }}' + expr: |- + sum by (namespace,pod,{{ $groupLabels }}) ( + max by (namespace,pod,{{ $groupLabels }}) ( + kube_pod_status_phase{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}", phase=~"Pending|Unknown|Failed"} + ) * on (namespace,pod,{{ $groupLabels }}) group_left(owner_kind) topk by (namespace,pod,{{ $groupLabels }}) ( + 1, max by (namespace,pod,owner_kind,{{ $groupLabels }}) (kube_pod_owner{owner_kind!="Job"}) + ) + ) > 0 + for: 15m + labels: + severity: warning +- alert: KubeDeploymentGenerationMismatch + annotations: + description: 'Deployment generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} does not match, this indicates that the Deployment has failed but has not been rolled back on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedeploymentgenerationmismatch' + summary: 'Deployment generation mismatch due to possible roll-back' + condition: '{{ true }}' + expr: |- + kube_deployment_status_observed_generation{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_deployment_metadata_generation{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + for: 15m + labels: + severity: warning +- alert: KubeDeploymentReplicasMismatch + annotations: + description: 'Deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedeploymentreplicasmismatch' + summary: 'Deployment has not matched the expected number of replicas.' + condition: '{{ true }}' + expr: |- + ( + kube_deployment_spec_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + > + kube_deployment_status_replicas_available{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) and ( + changes(kube_deployment_status_replicas_updated{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[10m]) + == + 0 + ) + for: 15m + labels: + severity: warning +- alert: KubeDeploymentRolloutStuck + annotations: + description: 'Rollout of deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} is not progressing for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedeploymentrolloutstuck' + summary: 'Deployment rollout is not progressing.' + condition: '{{ true }}' + expr: |- + kube_deployment_status_condition{condition="Progressing", status="false",job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != 0 + for: 15m + labels: + severity: warning +- alert: KubeStatefulSetReplicasMismatch + annotations: + description: 'StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubestatefulsetreplicasmismatch' + summary: 'StatefulSet has not matched the expected number of replicas.' + condition: '{{ true }}' + expr: |- + ( + kube_statefulset_status_replicas_ready{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_statefulset_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) and ( + changes(kube_statefulset_status_replicas_updated{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[10m]) + == + 0 + ) + for: 15m + labels: + severity: warning +- alert: KubeStatefulSetGenerationMismatch + annotations: + description: 'StatefulSet generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} does not match, this indicates that the StatefulSet has failed but has not been rolled back on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubestatefulsetgenerationmismatch' + summary: 'StatefulSet generation mismatch due to possible roll-back' + condition: '{{ true }}' + expr: |- + kube_statefulset_status_observed_generation{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_statefulset_metadata_generation{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + for: 15m + labels: + severity: warning +- alert: KubeStatefulSetUpdateNotRolledOut + annotations: + description: 'StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubestatefulsetupdatenotrolledout' + summary: 'StatefulSet update has not been rolled out.' + condition: '{{ true }}' + expr: |- + ( + max by (namespace,statefulset,job,{{ $groupLabels }}) ( + kube_statefulset_status_current_revision{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + unless + kube_statefulset_status_update_revision{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) + * + ( + kube_statefulset_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_statefulset_status_replicas_updated{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) + ) and ( + changes(kube_statefulset_status_replicas_updated{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[5m]) + == + 0 + ) + for: 15m + labels: + severity: warning +- alert: KubeDaemonSetRolloutStuck + annotations: + description: 'DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} has not finished or progressed for at least 15m on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedaemonsetrolloutstuck' + summary: 'DaemonSet rollout is stuck.' + condition: '{{ true }}' + expr: |- + ( + ( + kube_daemonset_status_current_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) or ( + kube_daemonset_status_number_misscheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + 0 + ) or ( + kube_daemonset_status_updated_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) or ( + kube_daemonset_status_number_available{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) + ) and ( + changes(kube_daemonset_status_updated_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[5m]) + == + 0 + ) + for: 15m + labels: + severity: warning +- alert: KubeContainerWaiting + annotations: + description: 'pod/{{`{{`}} $labels.pod {{`}}`}} in namespace {{`{{`}} $labels.namespace {{`}}`}} on container {{`{{`}} $labels.container{{`}}`}} has been in waiting state for longer than 1 hour. (reason: "{{`{{`}} $labels.reason {{`}}`}}") on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubecontainerwaiting' + summary: 'Pod container waiting longer than 1 hour' + condition: '{{ true }}' + expr: kube_pod_container_status_waiting_reason{reason!="CrashLoopBackOff", job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} > 0 + for: 1h + labels: + severity: warning +- alert: KubeDaemonSetNotScheduled + annotations: + description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are not scheduled on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedaemonsetnotscheduled' + summary: 'DaemonSet pods are not scheduled.' + condition: '{{ true }}' + expr: |- + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + - + kube_daemonset_status_current_number_scheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} > 0 + for: 10m + labels: + severity: warning +- alert: KubeDaemonSetMisScheduled + annotations: + description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are running where they are not supposed to run on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubedaemonsetmisscheduled' + summary: 'DaemonSet pods are misscheduled.' + condition: '{{ true }}' + expr: kube_daemonset_status_number_misscheduled{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} > 0 + for: 15m + labels: + severity: warning +- alert: KubeJobNotCompleted + annotations: + description: 'Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} is taking more than {{`{{`}} "43200" | humanizeDuration {{`}}`}} to complete on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubejobnotcompleted' + summary: 'Job did not complete in time' + condition: '{{ true }}' + expr: |- + time() - max by (namespace,job_name,{{ $groupLabels }}) (kube_job_status_start_time{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + and + kube_job_status_active{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} > 0) > 43200 + labels: + severity: warning +- alert: KubeJobFailed + annotations: + description: 'Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} failed to complete. Removing failed job after investigation should clear this alert on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubejobfailed' + summary: 'Job failed to complete.' + condition: '{{ true }}' + expr: kube_job_failed{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} > 0 + for: 15m + labels: + severity: warning +- alert: KubeHpaReplicasMismatch + annotations: + description: 'HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler {{`}}`}} has not matched the desired number of replicas for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubehpareplicasmismatch' + summary: 'HPA has not matched desired number of replicas.' + condition: '{{ true }}' + expr: |- + (kube_horizontalpodautoscaler_status_desired_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + != + kube_horizontalpodautoscaler_status_current_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}) + and + (kube_horizontalpodautoscaler_status_current_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + > + kube_horizontalpodautoscaler_spec_min_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}) + and + (kube_horizontalpodautoscaler_status_current_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + < + kube_horizontalpodautoscaler_spec_max_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}) + and + changes(kube_horizontalpodautoscaler_status_current_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"}[15m]) == 0 + for: 15m + labels: + severity: warning +- alert: KubeHpaMaxedOut + annotations: + description: 'HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler {{`}}`}} has been running at max replicas for longer than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubehpamaxedout' + summary: 'HPA is running at max replicas' + condition: '{{ true }}' + expr: |- + kube_horizontalpodautoscaler_status_current_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + == + kube_horizontalpodautoscaler_spec_max_replicas{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + for: 15m + labels: + severity: warning +- alert: KubePdbNotEnoughHealthyPods + annotations: + description: 'PDB {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.poddisruptionbudget {{`}}`}} expects {{`{{`}} $value {{`}}`}} more healthy pods. The desired number of healthy pods has not been met for at least 15m.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepdbnotenoughhealthypods' + summary: 'PDB does not have enough healthy pods.' + condition: '{{ true }}' + expr: |- + ( + kube_poddisruptionbudget_status_desired_healthy{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + - + kube_poddisruptionbudget_status_current_healthy{job="kube-state-metrics", namespace=~"{{ .targetNamespace }}"} + ) + > 0 + for: 15m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-resources.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-resources.yaml new file mode 100644 index 0000000..19d8ae7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-resources.yaml @@ -0,0 +1,119 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-resources +rules: +- alert: KubeCPUOvercommit + annotations: + description: 'Cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} has overcommitted CPU resource requests for Pods by {{`{{`}} printf "%.2f" $value {{`}}`}} CPU shares and cannot tolerate node failure.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubecpuovercommit' + summary: 'Cluster has overcommitted CPU resource requests.' + condition: '{{ true }}' + expr: |- + sum(namespace_cpu:kube_pod_container_resource_requests:sum{}) by ({{ $groupLabels }}) - (sum(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by ({{ $groupLabels }}) - max(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by ({{ $groupLabels }})) > 0 + and + (sum(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by ({{ $groupLabels }}) - max(kube_node_status_allocatable{job="kube-state-metrics",resource="cpu"}) by ({{ $groupLabels }})) > 0 + for: 10m + labels: + severity: warning +- alert: KubeMemoryOvercommit + annotations: + description: 'Cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} has overcommitted memory resource requests for Pods by {{`{{`}} $value | humanize {{`}}`}} bytes and cannot tolerate node failure.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubememoryovercommit' + summary: 'Cluster has overcommitted memory resource requests.' + condition: '{{ true }}' + expr: |- + sum(namespace_memory:kube_pod_container_resource_requests:sum{}) by ({{ $groupLabels }}) - (sum(kube_node_status_allocatable{resource="memory", job="kube-state-metrics"}) by ({{ $groupLabels }}) - max(kube_node_status_allocatable{resource="memory", job="kube-state-metrics"}) by ({{ $groupLabels }})) > 0 + and + (sum(kube_node_status_allocatable{resource="memory", job="kube-state-metrics"}) by ({{ $groupLabels }}) - max(kube_node_status_allocatable{resource="memory", job="kube-state-metrics"}) by ({{ $groupLabels }})) > 0 + for: 10m + labels: + severity: warning +- alert: KubeCPUQuotaOvercommit + annotations: + description: 'Cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} has overcommitted CPU resource requests for Namespaces.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubecpuquotaovercommit' + summary: 'Cluster has overcommitted CPU resource requests.' + condition: '{{ true }}' + expr: |- + sum(min without(resource) (kube_resourcequota{job="kube-state-metrics", type="hard", resource=~"(cpu|requests.cpu)"})) by ({{ $groupLabels }}) + / + sum(kube_node_status_allocatable{resource="cpu", job="kube-state-metrics"}) by ({{ $groupLabels }}) + > 1.5 + for: 5m + labels: + severity: warning +- alert: KubeMemoryQuotaOvercommit + annotations: + description: 'Cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} has overcommitted memory resource requests for Namespaces.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubememoryquotaovercommit' + summary: 'Cluster has overcommitted memory resource requests.' + condition: '{{ true }}' + expr: |- + sum(min without(resource) (kube_resourcequota{job="kube-state-metrics", type="hard", resource=~"(memory|requests.memory)"})) by ({{ $groupLabels }}) + / + sum(kube_node_status_allocatable{resource="memory", job="kube-state-metrics"}) by ({{ $groupLabels }}) + > 1.5 + for: 5m + labels: + severity: warning +- alert: KubeQuotaAlmostFull + annotations: + description: 'Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubequotaalmostfull' + summary: 'Namespace quota is going to be full.' + condition: '{{ true }}' + expr: |- + kube_resourcequota{job="kube-state-metrics", type="used"} + / ignoring(instance, job, type) + (kube_resourcequota{job="kube-state-metrics", type="hard"} > 0) + > 0.9 < 1 + for: 15m + labels: + severity: info +- alert: KubeQuotaFullyUsed + annotations: + description: 'Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubequotafullyused' + summary: 'Namespace quota is fully used.' + condition: '{{ true }}' + expr: |- + kube_resourcequota{job="kube-state-metrics", type="used"} + / ignoring(instance, job, type) + (kube_resourcequota{job="kube-state-metrics", type="hard"} > 0) + == 1 + for: 15m + labels: + severity: info +- alert: KubeQuotaExceeded + annotations: + description: 'Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubequotaexceeded' + summary: 'Namespace quota has exceeded the limits.' + condition: '{{ true }}' + expr: |- + kube_resourcequota{job="kube-state-metrics", type="used"} + / ignoring(instance, job, type) + (kube_resourcequota{job="kube-state-metrics", type="hard"} > 0) + > 1 + for: 15m + labels: + severity: warning +- alert: CPUThrottlingHigh + annotations: + description: '{{`{{`}} $value | humanizePercentage {{`}}`}} throttling of CPU in namespace {{`{{`}} $labels.namespace {{`}}`}} for container {{`{{`}} $labels.container {{`}}`}} in pod {{`{{`}} $labels.pod {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/cputhrottlinghigh' + summary: 'Processes experience elevated CPU throttling.' + condition: '{{ true }}' + expr: |- + sum(increase(container_cpu_cfs_throttled_periods_total{container!="", job="kubelet", metrics_path="/metrics/cadvisor", }[5m])) without (id, metrics_path, name, image, endpoint, job, node) + / on (namespace,pod,container,instance,{{ $groupLabels }}) group_left + sum(increase(container_cpu_cfs_periods_total{job="kubelet", metrics_path="/metrics/cadvisor", }[5m])) without (id, metrics_path, name, image, endpoint, job, node) + > ( 25 / 100 ) + for: 15m + labels: + severity: info diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-storage.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-storage.yaml new file mode 100644 index 0000000..5021d5a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-storage.yaml @@ -0,0 +1,107 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-storage +rules: +- alert: KubePersistentVolumeFillingUp + annotations: + description: 'The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.{{ $clusterLabel }} -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is only {{`{{`}} $value | humanizePercentage {{`}}`}} free.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepersistentvolumefillingup' + summary: 'PersistentVolume is filling up.' + condition: '{{ true }}' + expr: |- + ( + kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + ) < 0.03 + and + kubelet_volume_stats_used_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} > 0 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1 + for: 1m + labels: + severity: critical +- alert: KubePersistentVolumeFillingUp + annotations: + description: 'Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.{{ $clusterLabel }} -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to fill up within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} is available.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepersistentvolumefillingup' + summary: 'PersistentVolume is filling up.' + condition: '{{ true }}' + expr: |- + ( + kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + ) < 0.15 + and + kubelet_volume_stats_used_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} > 0 + and + predict_linear(kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1 + for: 1h + labels: + severity: warning +- alert: KubePersistentVolumeInodesFillingUp + annotations: + description: 'The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.{{ $clusterLabel }} -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} only has {{`{{`}} $value | humanizePercentage {{`}}`}} free inodes.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup' + summary: 'PersistentVolumeInodes are filling up.' + condition: '{{ true }}' + expr: |- + ( + kubelet_volume_stats_inodes_free{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + / + kubelet_volume_stats_inodes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + ) < 0.03 + and + kubelet_volume_stats_inodes_used{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} > 0 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1 + for: 1m + labels: + severity: critical +- alert: KubePersistentVolumeInodesFillingUp + annotations: + description: 'Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.{{ $clusterLabel }} -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to run out of inodes within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} of its inodes are free.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup' + summary: 'PersistentVolumeInodes are filling up.' + condition: '{{ true }}' + expr: |- + ( + kubelet_volume_stats_inodes_free{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + / + kubelet_volume_stats_inodes{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} + ) < 0.15 + and + kubelet_volume_stats_inodes_used{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"} > 0 + and + predict_linear(kubelet_volume_stats_inodes_free{job="kubelet", namespace=~"{{ .targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1 + unless on (namespace,persistentvolumeclaim,{{ $groupLabels }}) + kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1 + for: 1h + labels: + severity: warning +- alert: KubePersistentVolumeErrors + annotations: + description: 'The persistent volume {{`{{`}} $labels.persistentvolume {{`}}`}} {{`{{`}} with $labels.{{ $clusterLabel }} -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} has status {{`{{`}} $labels.phase {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubepersistentvolumeerrors' + summary: 'PersistentVolume is having issues with provisioning.' + condition: '{{ true }}' + expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="kube-state-metrics"} > 0 + for: 5m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-apiserver.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-apiserver.yaml new file mode 100644 index 0000000..f164baf --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-apiserver.yaml @@ -0,0 +1,75 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-system-apiserver +rules: +- alert: KubeClientCertificateExpiration + annotations: + description: 'A client certificate used to authenticate to kubernetes apiserver is expiring in less than 7.0 days on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeclientcertificateexpiration' + summary: 'Client certificate is about to expire.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.01, sum without (namespace, service, endpoint) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 604800 + and + on (job,instance,{{ $groupLabels }}) apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 + for: 5m + labels: + severity: warning +- alert: KubeClientCertificateExpiration + annotations: + description: 'A client certificate used to authenticate to kubernetes apiserver is expiring in less than 24.0 hours on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeclientcertificateexpiration' + summary: 'Client certificate is about to expire.' + condition: '{{ true }}' + expr: |- + histogram_quantile(0.01, sum without (namespace, service, endpoint) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 86400 + and + on (job,instance,{{ $groupLabels }}) apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 + for: 5m + labels: + severity: critical +- alert: KubeAggregatedAPIErrors + annotations: + description: 'Kubernetes aggregated API {{`{{`}} $labels.instance {{`}}`}}/{{`{{`}} $labels.name {{`}}`}} has reported {{`{{`}} $labels.reason {{`}}`}} errors on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeaggregatedapierrors' + summary: 'Kubernetes aggregated API has reported errors.' + condition: '{{ true }}' + expr: sum by (instance,name,reason,{{ $groupLabels }})(increase(aggregator_unavailable_apiservice_total{job="apiserver"}[1m])) > 0 + for: 10m + labels: + severity: warning +- alert: KubeAggregatedAPIDown + annotations: + description: 'Kubernetes aggregated API {{`{{`}} $labels.name {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}} has been only {{`{{`}} $value | humanize {{`}}`}}% available over the last 10m on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeaggregatedapidown' + summary: 'Kubernetes aggregated API is down.' + condition: '{{ true }}' + expr: (1 - max by (name,namespace,{{ $groupLabels }})(avg_over_time(aggregator_unavailable_apiservice{job="apiserver"}[10m]))) * 100 < 85 + for: 5m + labels: + severity: warning +- alert: KubeAPIDown + annotations: + description: 'KubeAPI has disappeared from Prometheus target discovery.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapidown' + summary: 'Target disappeared from Prometheus target discovery.' + condition: '{{ ($Values.kubeApiServer).enabled }}' + expr: absent(up{job="apiserver"} == 1) + for: 15m + labels: + severity: critical +- alert: KubeAPITerminatedRequests + annotations: + description: 'The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeapiterminatedrequests' + summary: 'The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests.' + condition: '{{ true }}' + expr: sum by ({{ $groupLabels }}) (rate(apiserver_request_terminations_total{job="apiserver"}[10m])) / ( sum by ({{ $groupLabels }}) (rate(apiserver_request_total{job="apiserver"}[10m])) + sum by ({{ $groupLabels }}) (rate(apiserver_request_terminations_total{job="apiserver"}[10m])) ) > 0.20 + for: 5m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-controller-manager.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-controller-manager.yaml new file mode 100644 index 0000000..b62a269 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-controller-manager.yaml @@ -0,0 +1,19 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeControllerManager).enabled }}' +name: kubernetes-system-controller-manager +rules: +- alert: KubeControllerManagerDown + annotations: + description: 'KubeControllerManager has disappeared from Prometheus target discovery.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubecontrollermanagerdown' + summary: 'Target disappeared from Prometheus target discovery.' + condition: '{{ ($Values.kubeControllerManager).enabled }}' + expr: absent(up{job="kube-controller-manager"} == 1) + for: 15m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-kubelet.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-kubelet.yaml new file mode 100644 index 0000000..c08d88f --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-kubelet.yaml @@ -0,0 +1,183 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-system-kubelet +rules: +- alert: KubeNodeNotReady + annotations: + description: '{{`{{`}} $labels.node {{`}}`}} has been unready for more than 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubenodenotready' + summary: 'Node is not ready.' + condition: '{{ true }}' + expr: |- + kube_node_status_condition{job="kube-state-metrics",condition="Ready",status="true"} == 0 + and on (node,{{ $groupLabels }}) + kube_node_spec_unschedulable{job="kube-state-metrics"} == 0 + for: 15m + labels: + severity: warning +- alert: KubeNodePressure + annotations: + description: '{{`{{`}} $labels.node {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} has active Condition {{`{{`}} $labels.condition {{`}}`}}. This is caused by resource usage exceeding eviction thresholds.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubenodepressure' + summary: 'Node has as active Condition.' + condition: '{{ true }}' + expr: |- + kube_node_status_condition{job="kube-state-metrics",condition=~"(MemoryPressure|DiskPressure|PIDPressure)",status="true"} == 1 + and on (node,{{ $groupLabels }}) + kube_node_spec_unschedulable{job="kube-state-metrics"} == 0 + for: 10m + labels: + severity: info +- alert: KubeNodeUnreachable + annotations: + description: '{{`{{`}} $labels.node {{`}}`}} is unreachable and some workloads may be rescheduled on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubenodeunreachable' + summary: 'Node is unreachable.' + condition: '{{ true }}' + expr: (kube_node_spec_taint{job="kube-state-metrics",key="node.kubernetes.io/unreachable",effect="NoSchedule"} unless ignoring(key,value) kube_node_spec_taint{job="kube-state-metrics",key=~"ToBeDeletedByClusterAutoscaler|cloud.google.com/impending-node-termination|aws-node-termination-handler/spot-itn"}) == 1 + for: 15m + labels: + severity: warning +- alert: KubeletTooManyPods + annotations: + description: 'Kubelet ''{{`{{`}} $labels.node {{`}}`}}'' is running at {{`{{`}} $value | humanizePercentage {{`}}`}} of its Pod capacity on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubelettoomanypods' + summary: 'Kubelet is running at capacity.' + condition: '{{ true }}' + expr: |- + ( + max by (instance,{{ $groupLabels }}) ( + kubelet_running_pods{job="kubelet", metrics_path="/metrics"} > 1 + ) + * on (instance,{{ $groupLabels }}) group_left(node) + max by (instance,node,{{ $groupLabels }}) ( + kubelet_node_name{job="kubelet", metrics_path="/metrics"} + ) + ) + / on (node,{{ $groupLabels }}) group_left() + max by (node,{{ $groupLabels }}) ( + kube_node_status_capacity{job="kube-state-metrics", resource="pods"} != 1 + ) > 0.95 + for: 15m + labels: + severity: info +- alert: KubeNodeReadinessFlapping + annotations: + description: 'The readiness status of node {{`{{`}} $labels.node {{`}}`}} has changed {{`{{`}} $value {{`}}`}} times in the last 15 minutes on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubenodereadinessflapping' + summary: 'Node readiness status is flapping.' + condition: '{{ true }}' + expr: |- + sum(changes(kube_node_status_condition{job="kube-state-metrics",status="true",condition="Ready"}[15m])) by (node,{{ $groupLabels }}) > 2 + and on (node,{{ $groupLabels }}) + kube_node_spec_unschedulable{job="kube-state-metrics"} == 0 + for: 15m + labels: + severity: warning +- alert: KubeNodeEviction + annotations: + description: 'Node {{`{{`}} $labels.node {{`}}`}} on {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}} is evicting Pods due to {{`{{`}} $labels.eviction_signal {{`}}`}}. Eviction occurs when eviction thresholds are crossed, typically caused by Pods exceeding RAM/ephemeral-storage limits.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubenodeeviction' + summary: 'Node is evicting pods.' + condition: '{{ true }}' + expr: |- + sum(rate(kubelet_evictions{job="kubelet", metrics_path="/metrics"}[15m])) by (eviction_signal,instance,{{ $groupLabels }}) + * on (instance,{{ $groupLabels }}) group_left(node) + max by (instance,node,{{ $groupLabels }}) ( + kubelet_node_name{job="kubelet", metrics_path="/metrics"} + ) + > 0 + for: 0s + labels: + severity: info +- alert: KubeletPlegDurationHigh + annotations: + description: 'The Kubelet Pod Lifecycle Event Generator has a 99th percentile duration of {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletplegdurationhigh' + summary: 'Kubelet Pod Lifecycle Event Generator is taking too long to relist.' + condition: '{{ true }}' + expr: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile{quantile="0.99"} >= 10 + for: 5m + labels: + severity: warning +- alert: KubeletPodStartUpLatencyHigh + annotations: + description: 'Kubelet Pod startup 99th percentile latency is {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletpodstartuplatencyhigh' + summary: 'Kubelet Pod startup latency is too high.' + condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by (instance,le,{{ $groupLabels }})) * on (instance,{{ $groupLabels }}) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"} > 60 + for: 15m + labels: + severity: warning +- alert: KubeletClientCertificateExpiration + annotations: + description: 'Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletclientcertificateexpiration' + summary: 'Kubelet client certificate is about to expire.' + condition: '{{ true }}' + expr: kubelet_certificate_manager_client_ttl_seconds < 604800 + labels: + severity: warning +- alert: KubeletClientCertificateExpiration + annotations: + description: 'Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletclientcertificateexpiration' + summary: 'Kubelet client certificate is about to expire.' + condition: '{{ true }}' + expr: kubelet_certificate_manager_client_ttl_seconds < 86400 + labels: + severity: critical +- alert: KubeletServerCertificateExpiration + annotations: + description: 'Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletservercertificateexpiration' + summary: 'Kubelet server certificate is about to expire.' + condition: '{{ true }}' + expr: kubelet_certificate_manager_server_ttl_seconds < 604800 + labels: + severity: warning +- alert: KubeletServerCertificateExpiration + annotations: + description: 'Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}} on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletservercertificateexpiration' + summary: 'Kubelet server certificate is about to expire.' + condition: '{{ true }}' + expr: kubelet_certificate_manager_server_ttl_seconds < 86400 + labels: + severity: critical +- alert: KubeletClientCertificateRenewalErrors + annotations: + description: 'Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its client certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes) on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletclientcertificaterenewalerrors' + summary: 'Kubelet has failed to renew its client certificate.' + condition: '{{ true }}' + expr: increase(kubelet_certificate_manager_client_expiration_renew_errors[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: KubeletServerCertificateRenewalErrors + annotations: + description: 'Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its server certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes) on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletservercertificaterenewalerrors' + summary: 'Kubelet has failed to renew its server certificate.' + condition: '{{ true }}' + expr: increase(kubelet_server_expiration_renew_errors[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: KubeletDown + annotations: + description: 'Kubelet has disappeared from Prometheus target discovery.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeletdown' + summary: 'Target disappeared from Prometheus target discovery.' + condition: '{{ ($Values.kubelet).enabled }}' + expr: absent(up{job="kubelet", metrics_path="/metrics"} == 1) + for: 15m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-scheduler.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-scheduler.yaml new file mode 100644 index 0000000..d139609 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system-scheduler.yaml @@ -0,0 +1,19 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ ($Values.kubeScheduler).enabled }}' +name: kubernetes-system-scheduler +rules: +- alert: KubeSchedulerDown + annotations: + description: 'KubeScheduler has disappeared from Prometheus target discovery.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeschedulerdown' + summary: 'Target disappeared from Prometheus target discovery.' + condition: '{{ ($Values.kubeScheduler).enabled }}' + expr: absent(up{job="kube-scheduler"} == 1) + for: 15m + labels: + severity: critical diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system.yaml new file mode 100644 index 0000000..44220b7 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/kubernetes-system.yaml @@ -0,0 +1,33 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: kubernetes-system +rules: +- alert: KubeVersionMismatch + annotations: + description: 'There are {{`{{`}} $value {{`}}`}} different semantic versions of Kubernetes components running on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeversionmismatch' + summary: 'Different semantic versions of Kubernetes components running.' + condition: '{{ true }}' + expr: count by ({{ $groupLabels }}) (count by (git_version,{{ $groupLabels }}) (label_replace(kubernetes_build_info{job!~"kube-dns|coredns"},"git_version","$1","git_version","(v[0-9]*.[0-9]*).*"))) > 1 + for: 15m + labels: + severity: warning +- alert: KubeClientErrors + annotations: + description: 'Kubernetes API server client ''{{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.instance {{`}}`}}'' is experiencing {{`{{`}} $value | humanizePercentage {{`}}`}} errors on cluster {{`{{`}} $labels.{{ $clusterLabel }} {{`}}`}}.' + runbook_url: '{{ $runbookUrl }}/kubernetes/kubeclienterrors' + summary: 'Kubernetes API server client is experiencing errors.' + condition: '{{ true }}' + expr: |- + (sum(rate(rest_client_requests_total{job="apiserver",code=~"5.."}[5m])) by (instance,job,namespace,{{ $groupLabels }}) + / + sum(rate(rest_client_requests_total{job="apiserver"}[5m])) by (instance,job,namespace,{{ $groupLabels }})) + > 0.01 + for: 15m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.rules.yaml new file mode 100644 index 0000000..e6a29f6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.rules.yaml @@ -0,0 +1,82 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: node-exporter.rules +rules: +- condition: '{{ true }}' + expr: |- + count without (cpu, mode) ( + node_cpu_seconds_total{job="node-exporter",mode="idle"} + ) + record: instance:node_num_cpu:sum +- condition: '{{ true }}' + expr: |- + 1 - avg without (cpu) ( + sum without (mode) (rate(node_cpu_seconds_total{job="node-exporter", mode=~"idle|iowait|steal"}[5m])) + ) + record: instance:node_cpu_utilisation:rate5m +- condition: '{{ true }}' + expr: |- + ( + node_load1{job="node-exporter"} + / + instance:node_num_cpu:sum{job="node-exporter"} + ) + record: instance:node_load1_per_cpu:ratio +- condition: '{{ true }}' + expr: |- + 1 - ( + ( + node_memory_MemAvailable_bytes{job="node-exporter"} + or + ( + node_memory_Buffers_bytes{job="node-exporter"} + + + node_memory_Cached_bytes{job="node-exporter"} + + + node_memory_MemFree_bytes{job="node-exporter"} + + + node_memory_Slab_bytes{job="node-exporter"} + ) + ) + / + node_memory_MemTotal_bytes{job="node-exporter"} + ) + record: instance:node_memory_utilisation:ratio +- condition: '{{ true }}' + expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m]) + record: instance:node_vmstat_pgmajfault:rate5m +- condition: '{{ true }}' + expr: rate(node_disk_io_time_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m]) + record: instance_device:node_disk_io_time_seconds:rate5m +- condition: '{{ true }}' + expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m]) + record: instance_device:node_disk_io_time_weighted_seconds:rate5m +- condition: '{{ true }}' + expr: |- + sum without (device) ( + rate(node_network_receive_bytes_total{job="node-exporter", device!="lo"}[5m]) + ) + record: instance:node_network_receive_bytes_excluding_lo:rate5m +- condition: '{{ true }}' + expr: |- + sum without (device) ( + rate(node_network_transmit_bytes_total{job="node-exporter", device!="lo"}[5m]) + ) + record: instance:node_network_transmit_bytes_excluding_lo:rate5m +- condition: '{{ true }}' + expr: |- + sum without (device) ( + rate(node_network_receive_drop_total{job="node-exporter", device!="lo"}[5m]) + ) + record: instance:node_network_receive_drop_excluding_lo:rate5m +- condition: '{{ true }}' + expr: |- + sum without (device) ( + rate(node_network_transmit_drop_total{job="node-exporter", device!="lo"}[5m]) + ) + record: instance:node_network_transmit_drop_excluding_lo:rate5m diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.yaml new file mode 100644 index 0000000..7a2c536 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-exporter.yaml @@ -0,0 +1,352 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: node-exporter +rules: +- alert: NodeFilesystemSpaceFillingUp + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemspacefillingup' + summary: 'Filesystem is predicted to run out of space within the next 24 hours.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 15 + and + predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: warning +- alert: NodeFilesystemSpaceFillingUp + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up fast.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemspacefillingup' + summary: 'Filesystem is predicted to run out of space within the next 4 hours.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 10 + and + predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: critical +- alert: NodeFilesystemAlmostOutOfSpace + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemalmostoutofspace' + summary: 'Filesystem has less than 5% space left.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 30m + labels: + severity: warning +- alert: NodeFilesystemAlmostOutOfSpace + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemalmostoutofspace' + summary: 'Filesystem has less than 3% space left.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 30m + labels: + severity: critical +- alert: NodeFilesystemFilesFillingUp + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemfilesfillingup' + summary: 'Filesystem is predicted to run out of inodes within the next 24 hours.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 40 + and + predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: warning +- alert: NodeFilesystemFilesFillingUp + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up fast.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemfilesfillingup' + summary: 'Filesystem is predicted to run out of inodes within the next 4 hours.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 20 + and + predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: critical +- alert: NodeFilesystemAlmostOutOfFiles + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemalmostoutoffiles' + summary: 'Filesystem has less than 5% inodes left.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: warning +- alert: NodeFilesystemAlmostOutOfFiles + annotations: + description: 'Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.' + runbook_url: '{{ $runbookUrl }}/node/nodefilesystemalmostoutoffiles' + summary: 'Filesystem has less than 3% inodes left.' + condition: '{{ true }}' + expr: |- + ( + node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3 + and + node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0 + ) + for: 1h + labels: + severity: critical +- alert: NodeNetworkReceiveErrs + annotations: + description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} receive errors in the last two minutes.' + runbook_url: '{{ $runbookUrl }}/node/nodenetworkreceiveerrs' + summary: 'Network interface is reporting many receive errors.' + condition: '{{ true }}' + expr: rate(node_network_receive_errs_total{job="node-exporter"}[2m]) / rate(node_network_receive_packets_total{job="node-exporter"}[2m]) > 0.01 + for: 1h + labels: + severity: warning +- alert: NodeNetworkTransmitErrs + annotations: + description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} transmit errors in the last two minutes.' + runbook_url: '{{ $runbookUrl }}/node/nodenetworktransmiterrs' + summary: 'Network interface is reporting many transmit errors.' + condition: '{{ true }}' + expr: rate(node_network_transmit_errs_total{job="node-exporter"}[2m]) / rate(node_network_transmit_packets_total{job="node-exporter"}[2m]) > 0.01 + for: 1h + labels: + severity: warning +- alert: NodeHighNumberConntrackEntriesUsed + annotations: + description: '{{`{{`}} $labels.instance {{`}}`}} {{`{{`}} $value | humanizePercentage {{`}}`}} of conntrack entries are used.' + runbook_url: '{{ $runbookUrl }}/node/nodehighnumberconntrackentriesused' + summary: 'Number of conntrack are getting close to the limit.' + condition: '{{ true }}' + expr: (node_nf_conntrack_entries{job="node-exporter"} / node_nf_conntrack_entries_limit) > 0.75 + labels: + severity: warning +- alert: NodeTextFileCollectorScrapeError + annotations: + description: 'Node Exporter text file collector on {{`{{`}} $labels.instance {{`}}`}} failed to scrape.' + runbook_url: '{{ $runbookUrl }}/node/nodetextfilecollectorscrapeerror' + summary: 'Node Exporter text file collector failed to scrape.' + condition: '{{ true }}' + expr: node_textfile_scrape_error{job="node-exporter"} == 1 + labels: + severity: warning +- alert: NodeClockSkewDetected + annotations: + description: 'Clock at {{`{{`}} $labels.instance {{`}}`}} is out of sync by more than 0.05s. Ensure NTP is configured correctly on this host.' + runbook_url: '{{ $runbookUrl }}/node/nodeclockskewdetected' + summary: 'Clock skew detected.' + condition: '{{ true }}' + expr: |- + ( + node_timex_offset_seconds{job="node-exporter"} > 0.05 + and + deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) >= 0 + ) + or + ( + node_timex_offset_seconds{job="node-exporter"} < -0.05 + and + deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) <= 0 + ) + for: 10m + labels: + severity: warning +- alert: NodeClockNotSynchronising + annotations: + description: 'Clock at {{`{{`}} $labels.instance {{`}}`}} is not synchronising. Ensure NTP is configured on this host.' + runbook_url: '{{ $runbookUrl }}/node/nodeclocknotsynchronising' + summary: 'Clock not synchronising.' + condition: '{{ true }}' + expr: |- + min_over_time(node_timex_sync_status{job="node-exporter"}[5m]) == 0 + and + node_timex_maxerror_seconds{job="node-exporter"} >= 16 + for: 10m + labels: + severity: warning +- alert: NodeRAIDDegraded + annotations: + description: 'RAID array ''{{`{{`}} $labels.device {{`}}`}}'' at {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more disks failures. Number of spare drives is insufficient to fix issue automatically.' + runbook_url: '{{ $runbookUrl }}/node/noderaiddegraded' + summary: 'RAID Array is degraded.' + condition: '{{ true }}' + expr: node_md_disks_required{job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} - ignoring (state) (node_md_disks{state="active",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}) > 0 + for: 15m + labels: + severity: critical +- alert: NodeRAIDDiskFailure + annotations: + description: 'At least one device in RAID array at {{`{{`}} $labels.instance {{`}}`}} failed. Array ''{{`{{`}} $labels.device {{`}}`}}'' needs attention and possibly a disk swap.' + runbook_url: '{{ $runbookUrl }}/node/noderaiddiskfailure' + summary: 'Failed device in RAID array.' + condition: '{{ true }}' + expr: node_md_disks{state="failed",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} > 0 + labels: + severity: warning +- alert: NodeFileDescriptorLimit + annotations: + description: 'File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.' + runbook_url: '{{ $runbookUrl }}/node/nodefiledescriptorlimit' + summary: 'Kernel is predicted to exhaust file descriptors limit soon.' + condition: '{{ true }}' + expr: |- + ( + node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 70 + ) + for: 15m + labels: + severity: warning +- alert: NodeFileDescriptorLimit + annotations: + description: 'File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.' + runbook_url: '{{ $runbookUrl }}/node/nodefiledescriptorlimit' + summary: 'Kernel is predicted to exhaust file descriptors limit soon.' + condition: '{{ true }}' + expr: |- + ( + node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 90 + ) + for: 15m + labels: + severity: critical +- alert: NodeCPUHighUsage + annotations: + description: 'CPU usage at {{`{{`}} $labels.instance {{`}}`}} has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%. + + ' + runbook_url: '{{ $runbookUrl }}/node/nodecpuhighusage' + summary: 'High CPU usage.' + condition: '{{ true }}' + expr: sum without(mode) (avg without (cpu) (rate(node_cpu_seconds_total{job="node-exporter", mode!~"idle|iowait"}[2m]))) * 100 > 90 + for: 15m + labels: + severity: info +- alert: NodeSystemSaturation + annotations: + description: 'System load per core at {{`{{`}} $labels.instance {{`}}`}} has been above 2 for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}. + + This might indicate this instance resources saturation and can cause it becoming unresponsive. + + ' + runbook_url: '{{ $runbookUrl }}/node/nodesystemsaturation' + summary: 'System saturated, load per core is very high.' + condition: '{{ true }}' + expr: |- + node_load1{job="node-exporter"} + / count without (cpu, mode) (node_cpu_seconds_total{job="node-exporter", mode="idle"}) > 2 + for: 15m + labels: + severity: warning +- alert: NodeMemoryMajorPagesFaults + annotations: + description: 'Memory major pages are occurring at very high rate at {{`{{`}} $labels.instance {{`}}`}}, 500 major page faults per second for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}. + + Please check that there is enough memory available at this instance. + + ' + runbook_url: '{{ $runbookUrl }}/node/nodememorymajorpagesfaults' + summary: 'Memory major page faults are occurring at very high rate.' + condition: '{{ true }}' + expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m]) > 500 + for: 15m + labels: + severity: warning +- alert: NodeMemoryHighUtilization + annotations: + description: 'Memory is filling up at {{`{{`}} $labels.instance {{`}}`}}, has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%. + + ' + runbook_url: '{{ $runbookUrl }}/node/nodememoryhighutilization' + summary: 'Host is running out of memory.' + condition: '{{ true }}' + expr: 100 - (node_memory_MemAvailable_bytes{job="node-exporter"} / node_memory_MemTotal_bytes{job="node-exporter"} * 100) > 90 + for: 15m + labels: + severity: warning +- alert: NodeDiskIOSaturation + annotations: + description: 'Disk IO queue (aqu-sq) is high on {{`{{`}} $labels.device {{`}}`}} at {{`{{`}} $labels.instance {{`}}`}}, has been above 10 for the last 30 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}. + + This symptom might indicate disk saturation. + + ' + runbook_url: '{{ $runbookUrl }}/node/nodediskiosaturation' + summary: 'Disk IO queue is high.' + condition: '{{ true }}' + expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m]) > 10 + for: 30m + labels: + severity: warning +- alert: NodeSystemdServiceFailed + annotations: + description: 'Systemd service {{`{{`}} $labels.name {{`}}`}} has entered failed state at {{`{{`}} $labels.instance {{`}}`}}' + runbook_url: '{{ $runbookUrl }}/node/nodesystemdservicefailed' + summary: 'Systemd service has entered failed state.' + condition: '{{ true }}' + expr: node_systemd_unit_state{job="node-exporter", state="failed"} == 1 + for: 5m + labels: + severity: warning +- alert: NodeSystemdServiceCrashlooping + annotations: + description: 'Systemd service {{`{{`}} $labels.name {{`}}`}} has being restarted too many times at {{`{{`}} $labels.instance {{`}}`}} for the last 15 minutes. Please check if service is crash looping.' + runbook_url: '{{ $runbookUrl }}/node/nodesystemdservicecrashlooping' + summary: 'Systemd service keeps restaring, possibly crash looping.' + condition: '{{ true }}' + expr: increase(node_systemd_service_restart_total{job="node-exporter"}[5m]) > 2 + for: 15m + labels: + severity: warning +- alert: NodeBondingDegraded + annotations: + description: 'Bonding interface {{`{{`}} $labels.master {{`}}`}} on {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more slave failures.' + runbook_url: '{{ $runbookUrl }}/node/nodebondingdegraded' + summary: 'Bonding interface is degraded' + condition: '{{ true }}' + expr: (node_bonding_slaves - node_bonding_active) != 0 + for: 5m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/node-network.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-network.yaml new file mode 100644 index 0000000..664e5eb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/node-network.yaml @@ -0,0 +1,19 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: node-network +rules: +- alert: NodeNetworkInterfaceFlapping + annotations: + description: 'Network interface "{{`{{`}} $labels.device {{`}}`}}" changing its up status often on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}' + runbook_url: '{{ $runbookUrl }}/general/nodenetworkinterfaceflapping' + summary: 'Network interface is often changing its status' + condition: '{{ true }}' + expr: changes(node_network_up{job="node-exporter",device!~"veth.+"}[2m]) > 2 + for: 2m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/node.rules.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/node.rules.yaml new file mode 100644 index 0000000..e259a42 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/node.rules.yaml @@ -0,0 +1,50 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: node.rules +rules: +- condition: '{{ true }}' + expr: |- + topk by (namespace,pod,{{ $groupLabels }}) (1, + max by (node,namespace,pod,{{ $groupLabels }}) ( + label_replace(kube_pod_info{job="kube-state-metrics",node!=""}, "pod", "$1", "pod", "(.*)") + )) + record: 'node_namespace_pod:kube_pod_info:' +- condition: '{{ true }}' + expr: |- + count by (node,{{ $groupLabels }}) ( + node_cpu_seconds_total{mode="idle",job="node-exporter"} + * on (namespace,pod,{{ $groupLabels }}) group_left(node) + topk by (namespace,pod,{{ $groupLabels }}) (1, node_namespace_pod:kube_pod_info:) + ) + record: node:node_num_cpu:sum +- condition: '{{ true }}' + expr: |- + sum( + node_memory_MemAvailable_bytes{job="node-exporter"} or + ( + node_memory_Buffers_bytes{job="node-exporter"} + + node_memory_Cached_bytes{job="node-exporter"} + + node_memory_MemFree_bytes{job="node-exporter"} + + node_memory_Slab_bytes{job="node-exporter"} + ) + ) by ({{ $groupLabels }}) + record: :node_memory_MemAvailable_bytes:sum +- condition: '{{ true }}' + expr: |- + avg by (node,{{ $groupLabels }}) ( + sum without (mode) ( + rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",job="node-exporter"}[5m]) + ) + ) + record: node:node_cpu_utilization:ratio_rate5m +- condition: '{{ true }}' + expr: |- + avg by ({{ $groupLabels }}) ( + node:node_cpu_utilization:ratio_rate5m + ) + record: cluster:node_cpu:ratio_rate5m diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/vm-health.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/vm-health.yaml new file mode 100644 index 0000000..197dfdd --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/vm-health.yaml @@ -0,0 +1,155 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: vm-health +rules: +- alert: TooManyRestarts + annotations: + description: 'Job {{`{{`}} $labels.job {{`}}`}} (instance {{`{{`}} $labels.instance {{`}}`}}) has restarted more than twice in the last 15 minutes. It might be crashlooping. + + ' + summary: '{{`{{`}} $labels.job {{`}}`}} too many restarts (instance {{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: changes(process_start_time_seconds{job=~".*(victoriametrics|vmselect|vminsert|vmstorage|vmagent|vmalert|vmsingle|vmalertmanager|vmauth|victorialogs|vlstorage|vlselect|vlinsert).*"}[15m]) > 2 + labels: + severity: critical +- alert: ServiceDown + annotations: + description: '{{`{{`}} $labels.instance {{`}}`}} of job {{`{{`}} $labels.job {{`}}`}} has been down for more than 2 minutes.' + summary: 'Service {{`{{`}} $labels.job {{`}}`}} is down on {{`{{`}} $labels.instance {{`}}`}}' + condition: '{{ true }}' + expr: up{job=~".*(victoriametrics|vmselect|vminsert|vmstorage|vmagent|vmalert|vmsingle|vmalertmanager|vmauth|victorialogs|vlstorage|vlselect|vlinsert).*"} == 0 + for: 2m + labels: + severity: critical +- alert: ProcessNearFDLimits + annotations: + description: 'Exhausting OS file descriptors limit can cause severe degradation of the process. + + Consider to increase the limit as fast as possible. + + ' + summary: 'Number of free file descriptors is less than 100 for "{{`{{`}} $labels.job {{`}}`}}"("{{`{{`}} $labels.instance {{`}}`}}") for the last 5m' + condition: '{{ true }}' + expr: (process_max_fds - process_open_fds) < 100 + for: 5m + labels: + severity: critical +- alert: TooHighMemoryUsage + annotations: + description: 'Too high memory usage may result into multiple issues such as OOMs or degraded performance. + + Consider to either increase available memory or decrease the load on the process. + + ' + summary: 'It is more than 80% of memory used by "{{`{{`}} $labels.job {{`}}`}}"("{{`{{`}} $labels.instance {{`}}`}}")' + condition: '{{ true }}' + expr: (min_over_time(process_resident_memory_anon_bytes[10m]) / vm_available_memory_bytes) > 0.8 + for: 5m + labels: + severity: critical +- alert: TooHighCPUUsage + annotations: + description: 'Too high CPU usage may be a sign of insufficient resources and make process unstable. Consider to either increase available CPU resources or decrease the load on the process. + + ' + summary: 'More than 90% of CPU is used by "{{`{{`}} $labels.job {{`}}`}}"("{{`{{`}} $labels.instance {{`}}`}}") during the last 5m' + condition: '{{ true }}' + expr: rate(process_cpu_seconds_total[5m]) / process_cpu_cores_available > 0.9 + for: 5m + labels: + severity: critical +- alert: TooHighGoroutineSchedulingLatency + annotations: + description: 'Go runtime is unable to schedule goroutines execution in acceptable time. This is usually a sign of insufficient CPU resources or CPU throttling. Verify that service has enough CPU resources. Otherwise, the service could work unreliably with delays in processing. + + ' + summary: '"{{`{{`}} $labels.job {{`}}`}}"("{{`{{`}} $labels.instance {{`}}`}}") has insufficient CPU resources for >15m' + condition: '{{ true }}' + expr: histogram_quantile(0.99, sum(rate(go_sched_latencies_seconds_bucket[5m])) by (le,job,instance,{{ $groupLabels }})) > 0.1 + for: 15m + labels: + severity: critical +- alert: TooManyLogs + annotations: + description: 'Logging rate for job \"{{`{{`}} $labels.job {{`}}`}}\" ({{`{{`}} $labels.instance {{`}}`}}) is {{`{{`}} $value {{`}}`}} for last 15m. Worth to check logs for specific error messages. + + ' + summary: 'Too many logs printed for job "{{`{{`}} $labels.job {{`}}`}}" ({{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: sum(increase(vm_log_messages_total{level="error"}[5m])) without (app_version, location) > 0 + for: 15m + labels: + severity: warning +- alert: TooManyTSIDMisses + annotations: + description: 'The rate of TSID misses during query lookups is too high for \"{{`{{`}} $labels.job {{`}}`}}\" ({{`{{`}} $labels.instance {{`}}`}}). + + Make sure you''re running VictoriaMetrics of v1.85.3 or higher. + + Related issue https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3502 + + ' + summary: 'Too many TSID misses for job "{{`{{`}} $labels.job {{`}}`}}" ({{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: rate(vm_missing_tsids_for_metric_id_total[5m]) > 0 + for: 10m + labels: + severity: critical +- alert: ConcurrentInsertsHitTheLimit + annotations: + description: "The limit of concurrent inserts on instance {{`{{`}} $labels.instance {{`}}`}} depends on the number of CPUs.\nUsually, when component constantly hits the limit it is likely the component is overloaded and requires more CPU.\nIn some cases for components like vmagent or vminsert the alert might trigger if there are too many clients\nmaking write attempts. If vmagent's or vminsert's CPU usage and network saturation are at normal level, then \nit might be worth adjusting `-maxConcurrentInserts` cmd-line flag.\n" + summary: '{{`{{`}} $labels.job {{`}}`}} on instance {{`{{`}} $labels.instance {{`}}`}} is constantly hitting concurrent inserts limit' + condition: '{{ true }}' + expr: avg_over_time(vm_concurrent_insert_current[1m]) >= vm_concurrent_insert_capacity + for: 15m + labels: + severity: warning +- alert: IndexDBRecordsDrop + annotations: + description: "VictoriaMetrics could skip registering new timeseries during ingestion if they fail the validation process. \nFor example, `reason=too_long_item` means that time series cannot exceed 64KB. Please, reduce the number \nof labels or label values for such series. Or enforce these limits via `-maxLabelsPerTimeseries` and \n`-maxLabelValueLen` command-line flags.\n" + summary: 'IndexDB skipped registering items during data ingestion with reason={{`{{`}} $labels.reason {{`}}`}}.' + condition: '{{ true }}' + expr: increase(vm_indexdb_items_dropped_total[5m]) > 0 + labels: + severity: critical +- alert: RowsRejectedOnIngestion + annotations: + description: 'Ingested rows on instance "{{`{{`}} $labels.instance {{`}}`}}" are rejected due to the following reason: "{{`{{`}} $labels.reason {{`}}`}}"' + summary: 'Some rows are rejected on "{{`{{`}} $labels.instance {{`}}`}}" on ingestion attempt' + condition: '{{ true }}' + expr: rate(vm_rows_ignored_total[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: TooHighQueryLoad + annotations: + description: 'Instance {{`{{`}} $labels.instance {{`}}`}} ({{`{{`}} $labels.job {{`}}`}}) is failing to serve read queries during last 15m. + + Concurrency limit `-search.maxConcurrentRequests` was reached on this instance and extra queries were + + put into the queue for `-search.maxQueueDuration` interval. But even after waiting in the queue these queries weren''t served. + + This happens if instance is overloaded with the current workload, or datasource is too slow to respond. + + Possible solutions are the following: + + * reduce the query load; + + * increase compute resources or number of replicas; + + * adjust limits `-search.maxConcurrentRequests` and `-search.maxQueueDuration`. + + See more at https://docs.victoriametrics.com/victoriametrics/troubleshooting/#slow-queries. + + ' + summary: 'Read queries fail with timeout for {{`{{`}} $labels.job {{`}}`}} on instance {{`{{`}} $labels.instance {{`}}`}}' + condition: '{{ true }}' + expr: increase(vm_concurrent_select_limit_timeout_total[5m]) > 0 + for: 15m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/vmagent.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmagent.yaml new file mode 100644 index 0000000..5fd3e8a --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmagent.yaml @@ -0,0 +1,148 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +concurrency: 2 +condition: '{{ true }}' +interval: 30s +name: vmagent +rules: +- alert: PersistentQueueIsDroppingData + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=49&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Vmagent dropped {{`{{`}} $value | humanize1024 {{`}}`}} from persistent queue on instance {{`{{`}} $labels.instance {{`}}`}} for the last 10m.' + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} is dropping data from persistent queue' + condition: '{{ true }}' + expr: sum(increase(vm_persistentqueue_bytes_dropped_total[5m])) without (path) > 0 + for: 10m + labels: + severity: critical +- alert: RejectedRemoteWriteDataBlocksAreDropped + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=79&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Job "{{`{{`}} $labels.job {{`}}`}}" on instance {{`{{`}} $labels.instance {{`}}`}} drops the rejected by remote-write server data blocks. Check the logs to find the reason for rejects.' + summary: 'Vmagent is dropping data blocks that are rejected by remote storage' + condition: '{{ true }}' + expr: sum(increase(vmagent_remotewrite_packets_dropped_total[5m])) without (url) > 0 + for: 15m + labels: + severity: warning +- alert: TooManyScrapeErrors + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=31&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Job "{{`{{`}} $labels.job {{`}}`}}" on instance {{`{{`}} $labels.instance {{`}}`}} fails to scrape targets for last 15m' + summary: 'Vmagent fails to scrape one or more targets' + condition: '{{ true }}' + expr: increase(vm_promscrape_scrapes_failed_total[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: ScrapePoolHasNoTargets + annotations: + description: 'Vmagent "{{`{{`}} $labels.job {{`}}`}}" has scrape_pool "{{`{{`}} $labels.scrape_job {{`}}`}}" with 0 discovered targets. It is likely a misconfiguration. Please follow https://docs.victoriametrics.com/victoriametrics/vmagent/#debugging-scrape-targets to troubleshoot the scraping config.' + summary: 'Vmagent has scrape_pool with 0 configured/discovered targets' + condition: '{{ true }}' + expr: sum(vm_promscrape_scrape_pool_targets) without (status, instance, pod) == 0 + for: 30m + labels: + severity: warning +- alert: TooManyWriteErrors + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=77&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Job "{{`{{`}} $labels.job {{`}}`}}" on instance {{`{{`}} $labels.instance {{`}}`}} responds with errors to write requests for last 15m.' + summary: 'Vmagent responds with too many errors on data ingestion protocols' + condition: '{{ true }}' + expr: |- + (sum(increase(vm_ingestserver_request_errors_total[5m])) without (name,net,type) + + + sum(increase(vmagent_http_request_errors_total[5m])) without (path,protocol)) > 0 + for: 15m + labels: + severity: warning +- alert: TooManyRemoteWriteErrors + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=61&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Vmagent fails to push data via remote write protocol to destination \"{{`{{`}} $labels.url {{`}}`}}\"\n Ensure that destination is up and reachable." + summary: 'Job "{{`{{`}} $labels.job {{`}}`}}" on instance {{`{{`}} $labels.instance {{`}}`}} fails to push to remote storage' + condition: '{{ true }}' + expr: rate(vmagent_remotewrite_retries_count_total[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: RemoteWriteConnectionIsSaturated + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=84&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "The remote write connection between vmagent \"{{`{{`}} $labels.job {{`}}`}}\" (instance {{`{{`}} $labels.instance {{`}}`}}) and destination \"{{`{{`}} $labels.url {{`}}`}}\" is saturated by more than 90% and vmagent won't be able to keep up.\n There could be the following reasons for this:\n * vmagent can't send data fast enough through the existing network connections. Increase `-remoteWrite.queues` cmd-line flag value to establish more connections per destination.\n * remote destination can't accept data fast enough. Check if remote destination has enough resources for processing." + summary: 'Remote write connection from "{{`{{`}} $labels.job {{`}}`}}" (instance {{`{{`}} $labels.instance {{`}}`}}) to {{`{{`}} $labels.url {{`}}`}} is saturated' + condition: '{{ true }}' + expr: "(\n rate(vmagent_remotewrite_send_duration_seconds_total[5m])\n / \n vmagent_remotewrite_queues\n) > 0.9" + for: 15m + labels: + severity: warning +- alert: PersistentQueueForWritesIsSaturated + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=98&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Persistent queue writes for vmagent "{{`{{`}} $labels.job {{`}}`}}" (instance {{`{{`}} $labels.instance {{`}}`}}) are saturated by more than 90% and vmagent won''t be able to keep up with flushing data on disk. In this case, consider to decrease load on the vmagent or improve the disk throughput.' + summary: 'Persistent queue writes for instance {{`{{`}} $labels.instance {{`}}`}} are saturated' + condition: '{{ true }}' + expr: rate(vm_persistentqueue_write_duration_seconds_total[5m]) > 0.9 + for: 15m + labels: + severity: warning +- alert: PersistentQueueForReadsIsSaturated + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=99&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Persistent queue reads for vmagent "{{`{{`}} $labels.job {{`}}`}}" (instance {{`{{`}} $labels.instance {{`}}`}}) are saturated by more than 90% and vmagent won''t be able to keep up with reading data from the disk. In this case, consider to decrease load on the vmagent or improve the disk throughput.' + summary: 'Persistent queue reads for instance {{`{{`}} $labels.instance {{`}}`}} are saturated' + condition: '{{ true }}' + expr: rate(vm_persistentqueue_read_duration_seconds_total[5m]) > 0.9 + for: 15m + labels: + severity: warning +- alert: SeriesLimitHourReached + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=88&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Max series limit set via -remoteWrite.maxHourlySeries flag is close to reaching the max value. Then samples for new time series will be dropped instead of sending them to remote storage systems.' + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} reached 90% of the limit' + condition: '{{ true }}' + expr: (vmagent_hourly_series_limit_current_series / vmagent_hourly_series_limit_max_series) > 0.9 + labels: + severity: critical +- alert: SeriesLimitDayReached + annotations: + dashboard: '{{ $grafanaHost }}/d/G7Z9GzMGz?viewPanel=90&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Max series limit set via -remoteWrite.maxDailySeries flag is close to reaching the max value. Then samples for new time series will be dropped instead of sending them to remote storage systems.' + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} reached 90% of the limit' + condition: '{{ true }}' + expr: (vmagent_daily_series_limit_current_series / vmagent_daily_series_limit_max_series) > 0.9 + labels: + severity: critical +- alert: ConfigurationReloadFailure + annotations: + description: 'Configuration hot-reload failed for vmagent on instance {{`{{`}} $labels.instance {{`}}`}}. Check vmagent''s logs for detailed error message.' + summary: 'Configuration reload failed for vmagent instance {{`{{`}} $labels.instance {{`}}`}}' + condition: '{{ true }}' + expr: |- + vm_promscrape_config_last_reload_successful != 1 + or + vmagent_relabel_config_last_reload_successful != 1 + labels: + severity: warning +- alert: StreamAggrFlushTimeout + annotations: + description: 'Stream aggregation process can''t keep up with the load and might produce incorrect aggregation results. Check logs for more details. Possible solutions: increase aggregation interval; aggregate smaller number of series; reduce samples'' ingestion rate to stream aggregation.' + summary: 'Streaming aggregation at "{{`{{`}} $labels.job {{`}}`}}" (instance {{`{{`}} $labels.instance {{`}}`}}) can''t be finished within the configured aggregation interval.' + condition: '{{ true }}' + expr: increase(vm_streamaggr_flush_timeouts_total[5m]) > 0 + labels: + severity: warning +- alert: StreamAggrDedupFlushTimeout + annotations: + description: 'Deduplication process can''t keep up with the load and might produce incorrect results. Check docs https://docs.victoriametrics.com/victoriametrics/stream-aggregation/#deduplication and logs for more details. Possible solutions: increase deduplication interval; deduplicate smaller number of series; reduce samples'' ingestion rate.' + summary: 'Deduplication "{{`{{`}} $labels.job {{`}}`}}" (instance {{`{{`}} $labels.instance {{`}}`}}) can''t be finished within configured deduplication interval.' + condition: '{{ true }}' + expr: increase(vm_streamaggr_dedup_flush_timeouts_total[5m]) > 0 + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/vmcluster.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmcluster.yaml new file mode 100644 index 0000000..a7b7638 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmcluster.yaml @@ -0,0 +1,153 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +concurrency: 2 +condition: '{{ true }}' +interval: 30s +name: vmcluster +rules: +- alert: DiskRunsOutOfSpaceIn3Days + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=20&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Taking into account current ingestion rate, free disk space will be enough only for {{`{{`}} $value | humanizeDuration {{`}}`}} on instance {{`{{`}} $labels.instance {{`}}`}}.\n Consider to limit the ingestion rate, decrease retention or scale the disk space up if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} will run out of disk space in 3 days' + condition: '{{ true }}' + expr: |- + sum(vm_free_disk_space_bytes) without(path) / + ( + (rate(vm_rows_added_to_storage_total[1d]) - sum(rate(vm_deduplicated_samples_total[1d])) without (type)) * ( + sum(vm_data_size_bytes{type!~"indexdb.*"}) without(type) / + sum(vm_rows{type!~"indexdb.*"}) without(type) + ) + + + rate(vm_new_timeseries_created_total[1d]) * ( + sum(vm_data_size_bytes{type="indexdb/file"}) / + sum(vm_rows{type="indexdb/file"}) + ) + ) < 3 * 24 * 3600 > 0 + for: 30m + labels: + severity: critical +- alert: NodeBecomesReadonlyIn3Days + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=20&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Taking into account current ingestion rate, free disk space and -storage.minFreeDiskSpaceBytes instance {{`{{`}} $labels.instance {{`}}`}} will remain writable for {{`{{`}} $value | humanizeDuration {{`}}`}}.\n Consider to limit the ingestion rate, decrease retention or scale the disk space up if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} will become read-only in 3 days' + condition: '{{ true }}' + expr: |- + sum(vm_free_disk_space_bytes - vm_free_disk_space_limit_bytes) without(path) / + ( + (rate(vm_rows_added_to_storage_total[1d]) - sum(rate(vm_deduplicated_samples_total[1d])) without (type)) * ( + sum(vm_data_size_bytes{type!~"indexdb.*"}) without(type) / + sum(vm_rows{type!~"indexdb.*"}) without(type) + ) + + + rate(vm_new_timeseries_created_total[1d]) * ( + sum(vm_data_size_bytes{type="indexdb/file"}) / + sum(vm_rows{type="indexdb/file"}) + ) + ) < 3 * 24 * 3600 > 0 + for: 30m + labels: + severity: warning +- alert: DiskRunsOutOfSpace + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=20&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Disk utilisation on instance {{`{{`}} $labels.instance {{`}}`}} is more than 80%.\n Having less than 20% of free disk space could cripple merges processes and overall performance. Consider to limit the ingestion rate, decrease retention or scale the disk space if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} (job={{`{{`}} $labels.job {{`}}`}}) will run out of disk space soon' + condition: '{{ true }}' + expr: |- + sum(vm_data_size_bytes) by (job,instance,{{ $groupLabels }}) / + ( + sum(vm_free_disk_space_bytes) by (job,instance,{{ $groupLabels }}) + + sum(vm_data_size_bytes) by (job,instance,{{ $groupLabels }}) + ) > 0.8 + for: 30m + labels: + severity: critical +- alert: RequestErrorsToAPI + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=52&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Requests to path {{`{{`}} $labels.path {{`}}`}} are receiving errors. Please verify if clients are sending correct requests.' + summary: 'Too many errors served for {{`{{`}} $labels.job {{`}}`}} path {{`{{`}} $labels.path {{`}}`}} (instance {{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: increase(vm_http_request_errors_total[5m]) > 0 + for: 15m + labels: + severity: warning + show_at: dashboard +- alert: RPCErrors + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=44&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "RPC errors are interconnection errors between cluster components.\n Possible reasons for errors are misconfiguration, overload, network blips or unreachable components." + summary: 'Too many RPC errors for {{`{{`}} $labels.job {{`}}`}} (instance {{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: |- + ( + sum(increase(vm_rpc_connection_errors_total[5m])) by (job,instance,{{ $groupLabels }}) + + + sum(increase(vm_rpc_dial_errors_total[5m])) by (job,instance,{{ $groupLabels }}) + + + sum(increase(vm_rpc_handshake_errors_total[5m])) by (job,instance,{{ $groupLabels }}) + ) > 0 + for: 15m + labels: + severity: warning + show_at: dashboard +- alert: TooHighChurnRate + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=102' + description: "VM constantly creates new time series.\n This effect is known as Churn Rate.\n High Churn Rate tightly connected with database performance and may result in unexpected OOM's or slow queries." + summary: 'Churn rate is more than 10% for the last 15m' + condition: '{{ true }}' + expr: |- + ( + sum(rate(vm_new_timeseries_created_total[5m])) by (job,{{ $groupLabels }}) + / + sum(rate(vm_rows_inserted_total[5m])) by (job,{{ $groupLabels }}) + ) > 0.1 + for: 15m + labels: + severity: warning +- alert: TooHighChurnRate24h + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=102' + description: "The number of created new time series over last 24h is 3x times higher than current number of active series.\n This effect is known as Churn Rate.\n High Churn Rate tightly connected with database performance and may result in unexpected OOM's or slow queries." + summary: 'Too high number of new series created over last 24h' + condition: '{{ true }}' + expr: |- + sum(increase(vm_new_timeseries_created_total[24h])) by (job,{{ $groupLabels }}) + > + (sum(vm_cache_entries{type="storage/hour_metric_ids"}) by (job,{{ $groupLabels }}) * 3) + for: 15m + labels: + severity: warning +- alert: TooHighSlowInsertsRate + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=108' + description: 'High rate of slow inserts may be a sign of resource exhaustion for the current load. It is likely more RAM is needed for optimal handling of the current number of active time series. See also https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3976#issuecomment-1476883183' + summary: 'Percentage of slow inserts is more than 5% for the last 15m' + condition: '{{ true }}' + expr: |- + ( + sum(rate(vm_slow_row_inserts_total[5m])) by (job,{{ $groupLabels }}) + / + sum(rate(vm_rows_inserted_total[5m])) by (job,{{ $groupLabels }}) + ) > 0.05 + for: 15m + labels: + severity: warning +- alert: VminsertVmstorageConnectionIsSaturated + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=139&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "The connection between vminsert (instance {{`{{`}} $labels.instance {{`}}`}}) and vmstorage (instance {{`{{`}} $labels.addr {{`}}`}}) is saturated by more than 90% and vminsert won't be able to keep up.\n This usually means that more vminsert or vmstorage nodes must be added to the cluster in order to increase the total number of vminsert -> vmstorage links." + summary: 'Connection between vminsert on {{`{{`}} $labels.instance {{`}}`}} and vmstorage on {{`{{`}} $labels.addr {{`}}`}} is saturated' + condition: '{{ true }}' + expr: rate(vm_rpc_send_duration_seconds_total[5m]) > 0.9 + for: 15m + labels: + severity: warning + show_at: dashboard diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/vmoperator.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmoperator.yaml new file mode 100644 index 0000000..ab0df0d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmoperator.yaml @@ -0,0 +1,62 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +condition: '{{ true }}' +name: vmoperator +rules: +- alert: LogErrors + annotations: + dashboard: '{{`{{`}} $externalURL {{`}}`}}/d/1H179hunk/victoriametrics-operator?ds={{`{{`}} $labels.dc {{`}}`}}&orgId=1&viewPanel=16' + description: 'Operator has too many errors at logs: {{`{{`}} $value{{`}}`}}, check operator logs' + summary: 'Too many errors at logs of operator: {{`{{`}} $value{{`}}`}}' + condition: '{{ true }}' + expr: |- + sum( + rate( + operator_log_messages_total{ + level="error",job=~".*((victoria.*)|vm)-?operator" + }[5m] + ) + ) by ({{ $groupLabels }}) > 0 + for: 15m + labels: + severity: warning + show_at: dashboard +- alert: ReconcileErrors + annotations: + dashboard: '{{`{{`}} $externalURL {{`}}`}}/d/1H179hunk/victoriametrics-operator?ds={{`{{`}} $labels.dc {{`}}`}}&orgId=1&viewPanel=10' + description: 'Operator cannot parse response from k8s api server, possible bug: {{`{{`}} $value {{`}}`}}, check operator logs' + summary: 'Too many errors at reconcile loop of operator: {{`{{`}} $value{{`}}`}}' + condition: '{{ true }}' + expr: |- + sum( + rate( + controller_runtime_reconcile_errors_total{ + job=~".*((victoria.*)|vm)-?operator" + }[5m] + ) + ) by ({{ $groupLabels }}) > 0 + for: 10m + labels: + severity: warning + show_at: dashboard +- alert: HighQueueDepth + annotations: + dashboard: '{{`{{`}} $externalURL {{`}}`}}/d/1H179hunk/victoriametrics-operator?ds={{`{{`}} $labels.dc {{`}}`}}&orgId=1&viewPanel=20' + description: 'Operator cannot handle reconciliation load for controller: `{{`{{`}}- $labels.name {{`}}`}}`, current depth: {{`{{`}} $value {{`}}`}}' + summary: 'Too many `{{`{{`}}- $labels.name {{`}}`}}` in queue: {{`{{`}} $value {{`}}`}}' + condition: '{{ true }}' + expr: |- + sum( + workqueue_depth{ + job=~".*((victoria.*)|vm)-?operator", + name=~"(vmagent|vmalert|vmalertmanager|vmauth|vmcluster|vmnodescrape|vmpodscrape|vmprobe|vmrule|vmservicescrape|vmsingle|vmstaticscrape)" + } + ) by (name,{{ $groupLabels }}) > 10 + for: 15m + labels: + severity: warning + show_at: dashboard diff --git a/charts/victoria-metrics-k8s-stack/files/rules/generated/vmsingle.yaml b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmsingle.yaml new file mode 100644 index 0000000..dd6bdfb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/files/rules/generated/vmsingle.yaml @@ -0,0 +1,123 @@ +{{- $Values := (.helm).Values | default .Values }} +{{- $runbookUrl := ($Values.defaultRules).runbookUrl | default "https://runbooks.prometheus-operator.dev/runbooks" }} +{{- $clusterLabel := ($Values.global).clusterLabel | default "cluster" }} +{{- $additionalGroupByLabels := append $Values.defaultRules.additionalGroupByLabels $clusterLabel }} +{{- $groupLabels := join "," $additionalGroupByLabels }} +{{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} +concurrency: 2 +condition: '{{ true }}' +interval: 30s +name: vmsingle +rules: +- alert: DiskRunsOutOfSpaceIn3Days + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=53&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Taking into account current ingestion rate, free disk space will be enough only for {{`{{`}} $value | humanizeDuration {{`}}`}} on instance {{`{{`}} $labels.instance {{`}}`}}.\n Consider to limit the ingestion rate, decrease retention or scale the disk space if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} will run out of disk space soon' + condition: '{{ true }}' + expr: |- + sum(vm_free_disk_space_bytes) without(path) / + ( + (rate(vm_rows_added_to_storage_total[1d]) - sum(rate(vm_deduplicated_samples_total[1d])) without (type)) * ( + sum(vm_data_size_bytes{type!~"indexdb.*"}) without(type) / + sum(vm_rows{type!~"indexdb.*"}) without(type) + ) + + + rate(vm_new_timeseries_created_total[1d]) * ( + sum(vm_data_size_bytes{type="indexdb/file"}) / + sum(vm_rows{type="indexdb/file"}) + ) + ) < 3 * 24 * 3600 > 0 + for: 30m + labels: + severity: critical +- alert: NodeBecomesReadonlyIn3Days + annotations: + dashboard: '{{ $grafanaHost }}/d/oS7Bi_0Wz?viewPanel=53&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Taking into account current ingestion rate and free disk space instance {{`{{`}} $labels.instance {{`}}`}} is writable for {{`{{`}} $value | humanizeDuration {{`}}`}}.\n Consider to limit the ingestion rate, decrease retention or scale the disk space up if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} will become read-only in 3 days' + condition: '{{ true }}' + expr: |- + sum(vm_free_disk_space_bytes - vm_free_disk_space_limit_bytes) without(path) / + ( + (rate(vm_rows_added_to_storage_total[1d]) - sum(rate(vm_deduplicated_samples_total[1d])) without (type)) * ( + sum(vm_data_size_bytes{type!~"indexdb.*"}) without(type) / + sum(vm_rows{type!~"indexdb.*"}) without(type) + ) + + + rate(vm_new_timeseries_created_total[1d]) * ( + sum(vm_data_size_bytes{type="indexdb/file"}) / + sum(vm_rows{type="indexdb/file"}) + ) + ) < 3 * 24 * 3600 > 0 + for: 30m + labels: + severity: warning +- alert: DiskRunsOutOfSpace + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=53&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "Disk utilisation on instance {{`{{`}} $labels.instance {{`}}`}} is more than 80%.\n Having less than 20% of free disk space could cripple merge processes and overall performance. Consider to limit the ingestion rate, decrease retention or scale the disk space if possible." + summary: 'Instance {{`{{`}} $labels.instance {{`}}`}} (job={{`{{`}} $labels.job {{`}}`}}) will run out of disk space soon' + condition: '{{ true }}' + expr: |- + sum(vm_data_size_bytes) by (job,instance,{{ $groupLabels }}) / + ( + sum(vm_free_disk_space_bytes) by (job,instance,{{ $groupLabels }}) + + sum(vm_data_size_bytes) by (job,instance,{{ $groupLabels }}) + ) > 0.8 + for: 30m + labels: + severity: critical +- alert: RequestErrorsToAPI + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=35&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'Requests to path {{`{{`}} $labels.path {{`}}`}} are receiving errors. Please verify if clients are sending correct requests.' + summary: 'Too many errors served for path {{`{{`}} $labels.path {{`}}`}} (instance {{`{{`}} $labels.instance {{`}}`}})' + condition: '{{ true }}' + expr: increase(vm_http_request_errors_total[5m]) > 0 + for: 15m + labels: + severity: warning +- alert: TooHighChurnRate + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=66&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "VM constantly creates new time series on \"{{`{{`}} $labels.instance {{`}}`}}\".\n This effect is known as Churn Rate.\n High Churn Rate tightly connected with database performance and may result in unexpected OOM's or slow queries." + summary: 'Churn rate is more than 10% on "{{`{{`}} $labels.instance {{`}}`}}" for the last 15m' + condition: '{{ true }}' + expr: |- + ( + sum(rate(vm_new_timeseries_created_total[5m])) by (instance,{{ $groupLabels }}) + / + sum(rate(vm_rows_inserted_total[5m])) by (instance,{{ $groupLabels }}) + ) > 0.1 + for: 15m + labels: + severity: warning +- alert: TooHighChurnRate24h + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=66&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: "The number of created new time series over last 24h is 3x times higher than current number of active series on \"{{`{{`}} $labels.instance {{`}}`}}\".\n This effect is known as Churn Rate.\n High Churn Rate tightly connected with database performance and may result in unexpected OOM's or slow queries." + summary: 'Too high number of new series on "{{`{{`}} $labels.instance {{`}}`}}" created over last 24h' + condition: '{{ true }}' + expr: |- + sum(increase(vm_new_timeseries_created_total[24h])) by (instance,{{ $groupLabels }}) + > + (sum(vm_cache_entries{type="storage/hour_metric_ids"}) by (instance,{{ $groupLabels }}) * 3) + for: 15m + labels: + severity: warning +- alert: TooHighSlowInsertsRate + annotations: + dashboard: '{{ $grafanaHost }}/d/wNf0q_kZk?viewPanel=68&var-instance={{`{{`}} $labels.instance {{`}}`}}' + description: 'High rate of slow inserts on "{{`{{`}} $labels.instance {{`}}`}}" may be a sign of resource exhaustion for the current load. It is likely more RAM is needed for optimal handling of the current number of active time series. See also https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3976#issuecomment-1476883183' + summary: 'Percentage of slow inserts is more than 5% on "{{`{{`}} $labels.instance {{`}}`}}" for the last 15m' + condition: '{{ true }}' + expr: |- + ( + sum(rate(vm_slow_row_inserts_total[5m])) by (instance,{{ $groupLabels }}) + / + sum(rate(vm_rows_inserted_total[5m])) by (instance,{{ $groupLabels }}) + ) > 0.05 + for: 15m + labels: + severity: warning diff --git a/charts/victoria-metrics-k8s-stack/templates/_helpers.tpl b/charts/victoria-metrics-k8s-stack/templates/_helpers.tpl new file mode 100644 index 0000000..6a2cb1e --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/_helpers.tpl @@ -0,0 +1,409 @@ +{{- define "vm.read.endpoint" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $endpoint := default dict -}} + {{- $_ := set . "style" "managed" -}} + {{- if $Values.vmsingle.enabled -}} + {{- $_ := set . "appKey" (list "vmsingle" "spec") -}} + {{- $_ := set $endpoint "url" (include "vm.url" .) -}} + {{- else if and $Values.vmcluster.enabled $Values.vmcluster.spec.vmselect.enabled -}} + {{- $_ := set . "appKey" (list "vmcluster" "spec" "vmselect") -}} + {{- $baseURL := include "vm.url" . -}} + {{- $tenant := $Values.tenant | default 0 -}} + {{- $_ := set $endpoint "url" (printf "%s/select/%d/prometheus" $baseURL (int $tenant)) -}} + {{- else if $Values.external.vm.read.url -}} + {{- $endpoint = $Values.external.vm.read -}} + {{- end -}} + {{- with $endpoint -}} + {{- toYaml . -}} + {{- end -}} +{{- end }} + +{{- define "vm.write.endpoint" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $endpoint := default dict -}} + {{- $_ := set . "style" "managed" -}} + {{- if $Values.vmsingle.enabled -}} + {{- $_ := set . "appKey" (list "vmsingle" "spec") -}} + {{- $baseURL := include "vm.url" . -}} + {{- $_ := set $endpoint "url" (printf "%s/api/v1/write" $baseURL) -}} + {{- else if and $Values.vmcluster.enabled $Values.vmcluster.spec.vminsert.enabled -}} + {{- $_ := set . "appKey" (list "vmcluster" "spec" "vminsert") -}} + {{- $baseURL := include "vm.url" . -}} + {{- $tenant := $Values.tenant | default 0 -}} + {{- $_ := set $endpoint "url" (printf "%s/insert/%d/prometheus/api/v1/write" $baseURL (int $tenant)) -}} + {{- else if $Values.external.vm.write.url -}} + {{- $endpoint = $Values.external.vm.write -}} + {{- end -}} + {{- with $endpoint -}} + {{- toYaml . -}} + {{- end -}} +{{- end -}} + +{{- /* VMAlert remotes */ -}} +{{- define "vm.alert.remotes" -}} + {{- $ctx := . -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $remotes := default dict -}} + {{- $fullname := include "vm.managed.fullname" . -}} + {{- $_ := set $ctx "style" "managed" -}} + {{- $remoteWrite := include "vm.write.endpoint" $ctx | fromYaml -}} + {{- if and $Values.vmalert.remoteWriteVMAgent $Values.vmagent.enabled -}} + {{- $_ := set $ctx "appKey" (list "vmagent" "spec") -}} + {{- $remoteWrite = dict "url" (printf "%s/api/v1/write" (include "vm.url" $ctx)) -}} + {{- $_ := unset $ctx "appKey" -}} + {{- $_ := set $remotes "remoteWrite" $remoteWrite -}} + {{- else -}} + {{- $_ := set $remotes "remoteWrite" $remoteWrite -}} + {{- end -}} + {{- $readEndpoint := include "vm.read.endpoint" $ctx -}} + {{- if $readEndpoint }} + {{- $remoteRead := fromYaml $readEndpoint -}} + {{- $_ := set $remotes "remoteRead" $remoteRead -}} + {{- $_ := set $remotes "datasource" $remoteRead -}} + {{- else if or (not $Values.vmalert.spec.datasource) (not $Values.vmalert.spec.remoteRead) -}} + {{- fail "VM read source required! Either set `vmalert.enabled: false` or provide `vmalert.spec.remoteRead.url` and `vmalert.spec.datasource.url`" -}} + {{- end -}} + {{- if $Values.vmalert.additionalNotifierConfigs }} + {{- $configName := printf "%s-additional-notifier" $fullname -}} + {{- $notifierConfigRef := dict "name" $configName "key" "notifier-configs.yaml" -}} + {{- $_ := set $remotes "notifierConfigRef" $notifierConfigRef -}} + {{- else if $Values.alertmanager.enabled -}} + {{- $notifiers := default list -}} + {{- $appSecure := not (empty ((($Values.alertmanager).spec).webConfig).tls_server_config) -}} + {{- $_ := set $ctx "appKey" (list "alertmanager" "spec") -}} + {{- $_ := set $ctx "appSecure" $appSecure -}} + {{- $_ := set $ctx "appRoute" (($Values.alertmanager).spec).routePrefix -}} + {{- $alertManagerReplicas := $Values.alertmanager.spec.replicaCount | default 1 | int -}} + {{- range until $alertManagerReplicas -}} + {{- $_ := set $ctx "appIdx" . -}} + {{- $notifiers = append $notifiers (dict "url" (include "vm.url" $ctx)) -}} + {{- end }} + {{- $_ := set $remotes "notifiers" $notifiers -}} + {{- end -}} + {{- toYaml $remotes -}} +{{- end -}} + +{{- /* VMAlert templates */ -}} +{{- define "vm.alert.templates" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $cms := ($Values.vmalert.spec.configMaps | default list) -}} + {{- if $Values.vmalert.templateFiles -}} + {{- $fullname := include "vm.managed.fullname" . -}} + {{- $cms = append $cms (printf "%s-extra-tpl" $fullname) -}} + {{- end -}} + {{- $output := dict "configMaps" (compact $cms) -}} + {{- toYaml $output -}} +{{- end -}} + +{{- define "vm.license.global" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $license := (deepCopy ($Values.global).license) | default dict -}} + {{- if $license.key -}} + {{- if hasKey $license "keyRef" -}} + {{- $_ := unset $license "keyRef" -}} + {{- end -}} + {{- else if $license.keyRef.name -}} + {{- if hasKey $license "key" -}} + {{- $_ := unset $license "key" -}} + {{- end -}} + {{- else -}} + {{- $license = default dict -}} + {{- end -}} + {{- toYaml $license -}} +{{- end -}} + +{{- /* VMAlert spec */ -}} +{{- define "vm.alert.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $Chart := (.helm).Chart | default .Chart }} + {{- $image := dict "tag" (include "vm.image.tag" .) }} + {{- $extraArgs := dict "remoteWrite.disablePathAppend" "true" -}} + {{- $fullname := include "vm.managed.fullname" . }} + {{- if $Values.vmalert.templateFiles -}} + {{- $ruleTmpl := printf "/etc/vm/configs/%s-extra-tpl/*.tmpl" $fullname -}} + {{- $_ := set $extraArgs "rule.templates" $ruleTmpl -}} + {{- end -}} + {{- $vmAlertTemplates := include "vm.alert.templates" . | fromYaml -}} + {{- $vmAlertRemotes := include "vm.alert.remotes" . | fromYaml -}} + {{- $spec := dict "extraArgs" $extraArgs "image" $image -}} + {{- with (include "vm.license.global" .) -}} + {{- $_ := set $spec "license" (fromYaml .) -}} + {{- end -}} + {{- with concat ($vmAlertRemotes.notifiers | default list) ($Values.vmalert.spec.notifiers | default list) }} + {{- $_ := set $vmAlertRemotes "notifiers" . }} + {{- end }} + {{- $spec := deepCopy (omit $Values.vmalert.spec "notifiers") | mergeOverwrite $vmAlertRemotes | mergeOverwrite $vmAlertTemplates | mergeOverwrite $spec }} + {{- if not (or (hasKey $spec "notifier") (hasKey $spec "notifiers") (hasKey $spec "notifierConfigRef") (hasKey $spec.extraArgs "notifier.blackhole")) }} + {{- fail "Neither `notifier`, `notifiers` nor `notifierConfigRef` is set for vmalert. If it's intentionally please consider setting `.vmalert.spec.extraArgs.['notifier.blackhole']` to `'true'`"}} + {{- end }} + {{- $output := deepCopy (omit $Values.vmalert.spec "notifiers") | mergeOverwrite $vmAlertRemotes | mergeOverwrite $vmAlertTemplates | mergeOverwrite $spec -}} + {{- if or $Values.grafana.enabled $Values.external.grafana.host }} + {{- if not (index $output.extraArgs "external.alert.source") -}} + {{- $alertSourceTpl := `{"datasource":%q,"queries":[{"expr":{{"{{"}} .Expr|jsonEscape|queryEscape {{"}}"}},"refId":"A"}],"range":{"from":"{{"{{"}} .ActiveAt.UnixMilli {{"}}"}}","to":"now"}}` -}} + {{- $alertSource := "" -}} + {{- if $Values.external.grafana.host -}} + {{- $alertSource = printf $alertSourceTpl $Values.external.grafana.datasource -}} + {{- else -}} + {{- $alertSource = printf $alertSourceTpl (index $Values.defaultDatasources.victoriametrics.datasources 0 "name") -}} + {{- end -}} + {{- $_ := set $output.extraArgs "external.alert.source" (printf "explore?left=%s" $alertSource) -}} + {{- end -}} + {{- if not (index $output.extraArgs "external.url") -}} + {{- $grafanaHost := ternary (index (($Values.grafana).ingress).hosts 0) (($Values.external).grafana).host ($Values.grafana).enabled }} + {{- $_ := set $output.extraArgs "external.url" (printf "http://%s" $grafanaHost) -}} + {{- end -}} + {{- end -}} + {{- tpl ($output | toYaml) . -}} +{{- end -}} + +{{- /* VM Agent remoteWrites */ -}} +{{- define "vm.agent.remote.write" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $remoteWrites := $Values.vmagent.additionalRemoteWrites | default list }} + {{- with include "vm.write.endpoint" . -}} + {{- $rws := $Values.vmagent.spec.remoteWrite | list (default dict) }} + {{- $rw := fromYaml . }} + {{- $remoteWrites = append $remoteWrites (mergeOverwrite $rw (deepCopy (first $rws))) }} + {{- end -}} + {{- toYaml (dict "remoteWrite" $remoteWrites) -}} +{{- end -}} + +{{- /* VMAgent spec */ -}} +{{- define "vm.agent.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $Chart := (.helm).Chart | default .Chart }} + {{- $spec := include "vm.agent.remote.write" . | fromYaml -}} + {{- with (include "vm.license.global" .) -}} + {{- $_ := set $spec "license" (fromYaml .) -}} + {{- end -}} + {{- $image := dict "tag" (include "vm.image.tag" .) }} + {{- $_ := set $spec "image" $image -}} + {{- tpl (mergeOverwrite (deepCopy $spec) (deepCopy $Values.vmagent.spec) | toYaml) . -}} +{{- end }} + +{{- /* VMAuth spec */ -}} +{{- define "vm.auth.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $image := dict "tag" (include "vm.image.tag" .) }} + {{- $_ := set . "style" "managed" -}} + {{- $vm := default dict -}} + {{- if $Values.vmsingle.enabled -}} + {{- $_ := set . "appKey" (list "vmsingle" "spec") -}} + {{- $url := urlParse (include "vm.url" .) -}} + {{- $_ := set $vm "read" $url -}} + {{- $_ := set $vm "write" $url -}} + {{- else if $Values.vmcluster.enabled -}} + {{- if $Values.vmcluster.spec.vminsert.enabled -}} + {{- $_ := set . "appKey" (list "vmcluster" "spec" "vminsert") -}} + {{- $writeURL := urlParse (include "vm.url" .) -}} + {{- $_ := set $writeURL "path" (printf "%s/insert" $writeURL.path) -}} + {{- $_ := set $vm "write" $writeURL }} + {{- else if $Values.external.vm.write.url -}} + {{- $_ := set $vm (urlParse $Values.external.vm.write.url) -}} + {{- end -}} + {{- if $Values.vmcluster.spec.vmselect.enabled -}} + {{- $_ := set . "appKey" (list "vmcluster" "spec" "vmselect") -}} + {{- $readURL := urlParse (include "vm.url" .) -}} + {{- $_ := set $readURL "path" (printf "%s/select" $readURL.path) -}} + {{- $_ := set $vm "read" $readURL }} + {{- else if $Values.external.vm.read.url -}} + {{- $_ := set $vm (urlParse $Values.external.vm.read.url) -}} + {{- end -}} + {{- $_ := set . "vm" $vm -}} + {{- else if or $Values.external.vm.read.url $Values.external.vm.write.url -}} + {{- with $Values.external.vm.read.url -}} + {{- $_ := set $vm "read" (urlParse .) -}} + {{- end -}} + {{- with $Values.external.vm.write.url -}} + {{- $_ := set $vm "write" (urlParse .) -}} + {{- end -}} + {{- end -}} + {{- $_ := set . "vm" $vm -}} + {{- $spec := $Values.vmauth.spec }} + {{- if $spec.unauthorizedUserAccessSpec }} + {{- if $spec.unauthorizedUserAccessSpec.disabled }} + {{- $_ := unset $spec "unauthorizedUserAccessSpec" }} + {{- else -}} + {{- $_ := unset $spec.unauthorizedUserAccessSpec "disabled" }} + {{- end -}} + {{- end -}} + {{- $_ := set $spec "image" (mergeOverwrite (deepCopy $image) (deepCopy ($spec.image | default dict))) -}} + {{- with (include "vm.license.global" .) -}} + {{- $_ := set $spec "license" (fromYaml .) -}} + {{- end -}} + {{- tpl (toYaml $spec) . -}} +{{- end -}} + +{{- /* Alermanager spec */ -}} +{{- define "vm.alertmanager.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $fullname := include "vm.managed.fullname" . -}} + {{- $app := $Values.alertmanager }} + {{- $spec := $app.spec -}} + {{- if and (not $spec.configRawYaml) (not $spec.configSecret) (not $Values.alertmanager.useManagedConfig) -}} + {{- $_ := set $spec "configSecret" $fullname -}} + {{- end -}} + {{- $templates := $spec.templates | default list -}} + {{- if $Values.alertmanager.monzoTemplate.enabled -}} + {{- $configMap := printf "%s-monzo-tpl" $fullname -}} + {{- $templates = append $templates (dict "name" $configMap "key" "monzo.tmpl") -}} + {{- end -}} + {{- $configMap := printf "%s-extra-tpl" $fullname -}} + {{- range $key, $value := $Values.alertmanager.templateFiles | default dict -}} + {{- $templates = append $templates (dict "name" $configMap "key" $key) -}} + {{- end -}} + {{- if and ($app.useManagedConfig) (not (hasKey $spec "disableNamespaceMatcher")) }} + {{- $_ := set $spec "disableNamespaceMatcher" true }} + {{- end }} + {{- $_ := set $spec "templates" $templates -}} + {{- toYaml $spec -}} +{{- end -}} + +{{- /* Single spec */ -}} +{{- define "vm.single.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $Chart := (.helm).Chart | default .Chart }} + {{- $image := dict "tag" (include "vm.image.tag" .) }} + {{- $extraArgs := default dict -}} + {{- $_ := set . "style" "managed" -}} + {{- if $Values.vmalert.enabled }} + {{- $_ := set . "appKey" (list "vmalert" "spec") }} + {{- $_ := set $extraArgs "vmalert.proxyURL" (include "vm.url" .) -}} + {{- end -}} + {{- $spec := dict "extraArgs" $extraArgs "image" $image -}} + {{- with (include "vm.license.global" .) -}} + {{- $_ := set $spec "license" (fromYaml .) -}} + {{- end -}} + {{- tpl (deepCopy $Values.vmsingle.spec | mergeOverwrite $spec | toYaml) . -}} +{{- end }} + +{{- /* Cluster spec */ -}} +{{- define "vm.select.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $Chart := (.helm).Chart | default .Chart }} + {{- $extraArgs := default dict -}} + {{- $_ := set . "style" "managed" -}} + {{- if $Values.vmalert.enabled -}} + {{- $_ := set . "appKey" (list "vmalert" "spec") -}} + {{- $_ := set $extraArgs "vmalert.proxyURL" (include "vm.url" .) -}} + {{- end -}} + {{- $image := dict "tag" (printf "%s-cluster" (include "vm.image.tag" .)) }} + {{- $spec := dict "extraArgs" $extraArgs "image" $image -}} + {{- toYaml $spec -}} +{{- end -}} + +{{- define "vm.cluster.spec" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $Chart := (.helm).Chart | default .Chart }} + {{- $selectSpec := include "vm.select.spec" . | fromYaml -}} + {{- $clusterSpec := deepCopy $Values.vmcluster.spec -}} + {{- $replicationFactor := (int $clusterSpec.replicationFactor) | default 1 }} + {{- $storageNodes := (int ($clusterSpec.vmstorage).replicaCount) | default 1 }} + {{- $minStorageNodes := sub (mul 2 $replicationFactor) 1 }} + {{- if gt $minStorageNodes $storageNodes }} + {{ fail (printf "storage nodes count %d is smaller than expected %d" $storageNodes $minStorageNodes) }} + {{- end }} + {{- $image := dict "image" (dict "tag" (printf "%s-cluster" (include "vm.image.tag" .))) }} + {{- $clusterSpec = mergeOverwrite (dict "vminsert" (deepCopy $image)) $clusterSpec -}} + {{- $clusterSpec = mergeOverwrite (dict "vmstorage" (deepCopy $image)) $clusterSpec -}} + {{- with (include "vm.license.global" .) -}} + {{- $_ := set $clusterSpec "license" (fromYaml .) -}} + {{- end -}} + {{- if ($clusterSpec.requestsLoadBalancer).enabled }} + {{- $balancerSpec := $clusterSpec.requestsLoadBalancer.spec | default dict }} + {{- $authImage := dict "image" (dict "tag" (include "vm.image.tag" .)) }} + {{- $_ := set $clusterSpec.requestsLoadBalancer "spec" (mergeOverwrite $authImage $balancerSpec) }} + {{- end }} + {{- $clusterSpec = mergeOverwrite (dict "vmselect" $selectSpec) $clusterSpec }} + {{- if not $clusterSpec.vmselect.enabled -}} + {{- $_ := unset $clusterSpec "vmselect" -}} + {{- else -}} + {{- $_ := unset $clusterSpec.vmselect "enabled" -}} + {{- end -}} + {{- if not $clusterSpec.vminsert.enabled -}} + {{- $_ := unset $clusterSpec "vminsert" -}} + {{- else -}} + {{- $_ := unset $clusterSpec.vminsert "enabled" -}} + {{- end -}} + {{- tpl (toYaml $clusterSpec) . -}} +{{- end -}} + +{{- define "vm.data.source.enabled" -}} + {{- $Values := (.helm).Values | default .Values -}} + {{- $grafana := $Values.grafana -}} + {{- $installed := default list }} + {{- range $plugin := ($grafana.plugins | default list) -}} + {{- $plugin = splitList ";" $plugin | reverse | first }} + {{- $installed = append $installed $plugin }} + {{- end -}} + {{- $ds := .ds -}} + {{- toString (or (not (hasKey $ds "version")) (has $ds.type $installed)) -}} +{{- end -}} + +{{- /* Datasources */ -}} +{{- define "vm.data.sources" -}} + {{- $ctx := . }} + {{- $Values := (.helm).Values | default .Values }} + {{- $datasources := $Values.defaultDatasources.extra | default list -}} + {{- $readURL := include "vm.read.endpoint" $ctx -}} + {{- if $readURL -}} + {{- $readEndpoint := fromYaml $readURL -}} + {{- $defaultDatasources := default list -}} + {{- range $ds := $Values.defaultDatasources.victoriametrics.datasources }} + {{- $_ := set $ds "url" $readEndpoint.url -}} + {{- $defaultDatasources = append $defaultDatasources $ds -}} + {{- end }} + {{- $datasources = concat $datasources $defaultDatasources -}} + {{- if and $Values.defaultDatasources.victoriametrics.perReplica $defaultDatasources -}} + {{- range $id := until (int $Values.vmsingle.spec.replicaCount) -}} + {{- $_ := set $ctx "appIdx" $id -}} + {{- $readEndpoint := include "vm.read.endpoint" $ctx | fromYaml -}} + {{- range $ds := $defaultDatasources -}} + {{- $ds = deepCopy $ds -}} + {{- $_ := set $ds "url" $readEndpoint.url -}} + {{- $_ := set $ds "name" (printf "%s-%d" $ds.name $id) -}} + {{- $_ := set $ds "isDefault" false -}} + {{- $datasources = append $datasources $ds -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- if $Values.alertmanager.enabled -}} + {{- range $ds := $Values.defaultDatasources.alertmanager.datasources }} + {{- $appSecure := not (empty ((($Values.alertmanager).spec).webConfig).tls_server_config) -}} + {{- $_ := set $ctx "appKey" (list "alertmanager" "spec") -}} + {{- $_ := set $ctx "appSecure" $appSecure -}} + {{- $_ := set $ctx "appRoute" (($Values.alertmanager).spec).routePrefix -}} + {{- $_ := set $ds "url" (include "vm.url" $ctx) -}} + {{- $_ := set $ds "type" "alertmanager" -}} + {{- $datasources = append $datasources $ds -}} + {{- end }} + {{- end -}} + {{- toYaml (dict "datasources" $datasources) -}} +{{- end }} + +{{- /* VMRule name */ -}} +{{- define "vm-k8s-stack.rulegroup.name" -}} + {{- printf "%s-%s" (include "vm.fullname" .) (.name | replace "_" "") -}} +{{- end -}} + +{{- /* VMRule labels */ -}} +{{- define "vm-k8s-stack.rulegroup.labels" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $labels := fromYaml (include "vm.labels" .) -}} + {{- $_ := set $labels "app" (include "vm.name" .) -}} + {{- $labels = mergeOverwrite $labels (deepCopy $Values.defaultRules.labels) -}} + {{- toYaml $labels -}} +{{- end }} + +{{- /* VMRule key */ -}} +{{- define "vm-k8s-stack.rulegroup.key" -}} + {{- without (regexSplit "[-_.]" .name -1) "exporter" "rules" | join "-" | camelcase | untitle -}} +{{- end -}} + +{{- /* VMAlertmanager name */ -}} +{{- define "vm-k8s-stack.alertmanager.name" -}} + {{- $Values := (.helm).Values | default .Values }} + {{- $_ := set . "appKey" (list "alertmanager" "spec") -}} + {{- $Values.alertmanager.name | default (include "vm.managed.fullname" .) -}} +{{- end -}} diff --git a/charts/victoria-metrics-k8s-stack/templates/extra-objects.yaml b/charts/victoria-metrics-k8s-stack/templates/extra-objects.yaml new file mode 100644 index 0000000..f44224d --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/extra-objects.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (ternary . (toYaml .) (typeIs "string" .)) $ }} +{{ end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/grafana/dashboard.yaml b/charts/victoria-metrics-k8s-stack/templates/grafana/dashboard.yaml new file mode 100644 index 0000000..cb5ada9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/grafana/dashboard.yaml @@ -0,0 +1,93 @@ +{{- if .Values.defaultDashboards.enabled }} + +{{- /* +Create custom template context +*/}} +{{- $ctx := dict "helm" . -}} + +{{- /* +Loop through all dashboard files, that were crafted with hack/sync_grafana_dashboards.py +*/}} +{{- range $dashboardFile, $_ := .Files.Glob "files/dashboards/**.yaml" -}} + +{{- /* +Get dashboard name +*/}} +{{- $dashboardBase := base $dashboardFile }} +{{- $dashboardName := (trimSuffix (ext $dashboardBase) $dashboardBase) -}} + +{{- /* +Get dashboard data from file +*/}} +{{- $dashboardData := fromYaml (tpl ($.Files.Get $dashboardFile) $) -}} + +{{- /* +Save condition for a dashboard from file +*/}} +{{- $dashboardCondition := $dashboardData.condition }} +{{- if hasKey (index ((($.Values).defaultDashboards).dashboards) $dashboardName) "enabled" }} + {{- $dashboardCondition = index $.Values.defaultDashboards.dashboards $dashboardName "enabled" }} +{{- end }} + +{{- /* +Delete condition from dashboard +*/}} +{{- $_ := unset $dashboardData "condition" -}} + +{{- if and $.Values.grafana.sidecar.dashboards.enabled $.Values.grafana.dashboards -}} +{{ fail `It is not possible to use both "grafana.sidecar.dashboards.enabled: true" and "grafana.dashboards" at the same time. +Disable either sidecar or dashboards configuration. See more details at https://docs.victoriametrics.com/helm/victoriametrics-k8s-stack/#adding-external-dashboards` }} +{{- end -}} + +{{- /* +Check if dashboard is enabled +*/}} +{{- if $dashboardCondition }} + +{{- $dashboardResult := toRawJson $dashboardData -}} +{{- $app := ((printf "%s-grafana" (include "vm.name" $)) | trunc 63 | trimSuffix "-") }} +{{- $_ := set $ctx "extraLabels" (dict "app" $app) }} +{{- if $.Values.defaultDashboards.grafanaOperator.enabled }} +--- +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDashboard +metadata: + namespace: {{ include "vm.namespace" $ }} + name: {{ printf "%s-%s" (include "vm.fullname" $ctx) $dashboardName | replace "_" "" }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with $.Values.defaultDashboards.annotations }} + annotations: + {{- range $key, $val := . }} + {{ $key }}: {{ $val | quote }} + {{- end }} + {{- end }} +spec: + json: | {{ $dashboardResult | nindent 4 }} + {{- toYaml $.Values.defaultDashboards.grafanaOperator.spec | nindent 2 }} +{{- else }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: {{ include "vm.namespace" $ }} + name: {{ printf "%s-%s" (include "vm.fullname" $) $dashboardName }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + {{- range $key, $val := $.Values.defaultDashboards.labels }} + {{ $key }}: {{ $val | quote }} + {{- end }} + {{- include "vm.labels" $ctx | nindent 4 }} + {{- with $.Values.defaultDashboards.annotations }} + annotations: + {{- range $key, $val := . }} + {{ $key }}: {{ $val | quote }} + {{- end }} + {{- end }} +data: + {{ $dashboardName }}.json: | {{ $dashboardResult | nindent 4 }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/grafana/datasource.yaml b/charts/victoria-metrics-k8s-stack/templates/grafana/datasource.yaml new file mode 100644 index 0000000..1068829 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/grafana/datasource.yaml @@ -0,0 +1,58 @@ +{{- if or (and .Values.grafana.enabled .Values.grafana.sidecar.datasources.enabled ) .Values.grafana.forceDeployDatasource }} +{{- $ctx := dict "helm" . }} +{{- $grafanaOperator := .Values.defaultDatasources.grafanaOperator }} +{{- $fullname := include "vm.fullname" $ctx }} +{{- $output := include "vm.data.sources" . | fromYaml }} +{{- if $grafanaOperator.enabled }} +{{- range $ds := $output.datasources }} +--- +apiVersion: grafana.integreatly.org/v1beta1 +kind: GrafanaDatasource +metadata: + namespace: {{ include "vm.namespace" $ }} + name: {{ $fullname }}-{{ regexReplaceAll "[-]+" (regexReplaceAll "[^\\w]" (lower $ds.name) "-") "-" | trimSuffix "-" }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with $grafanaOperator.annotations }} + annotations: + {{- range $key, $val := . }} + {{ $key }}: {{ $val | quote }} + {{- end }} + {{- end }} + {{- $spec := deepCopy $grafanaOperator.spec }} + {{- $_ := set $spec "datasource" $ds }} + {{- $_ := set $ctx "ds" $ds }} + {{- if eq (include "vm.data.source.enabled" $ctx) "false" -}} + {{- $_ := set $spec "plugins" (list (dict "name" $ds.type "version" $ds.version)) }} + {{- end }} + {{- $_ := unset $ds "version" }} +spec: {{ toYaml $spec | nindent 2 }} +{{- end }} +{{- else }} + {{- $datasources := default list }} + {{- range $ds := $output.datasources }} + {{- $_ := set $ctx "ds" $ds }} + {{- if eq (include "vm.data.source.enabled" $ctx) "true" -}} + {{- $_ := unset $ds "version" }} + {{- $datasources = append $datasources $ds }} + {{- end -}} + {{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $fullname }}-grafana-ds + namespace: {{ include "vm.namespace" $ }} + {{- with $.Values.grafana.sidecar.datasources.annotations }} + annotations: {{ toYaml $ | nindent 4 }} + {{- end }} + labels: + {{ $.Values.grafana.sidecar.datasources.label }}: "1" + {{- $app := ((printf "%s-grafana" (include "vm.name" $ctx)) | trunc 63 | trimSuffix "-") }} + app: {{ $app }} + {{- include "vm.labels" $ctx | nindent 4 }} +data: + datasource.yaml: |- + apiVersion: 1 + datasources: {{ toYaml $datasources | nindent 6 }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/ingress.yaml b/charts/victoria-metrics-k8s-stack/templates/ingress.yaml new file mode 100644 index 0000000..f515ecb --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/ingress.yaml @@ -0,0 +1,56 @@ +{{- $ns := include "vm.namespace" . }} +{{- range $name, $config := .Values }} + {{- if and (kindIs "map" $config) (hasKey $config "ingress") ($config.enabled) (empty (index $.Subcharts $name)) }} + {{- $ingresses := ternary (dict $name $config.ingress) $config.ingress (hasKey $config.ingress "enabled") }} + {{- range $ingName, $ingress := $ingresses }} + {{- if $ingress.enabled }} + {{- $ingName = ternary $ingName (printf "vm%s" $ingName) (or (hasPrefix "vm" $ingName) (not (hasPrefix "vm" $name))) }} + {{- $appKey := ternary $name (list $name "spec" $ingName) (eq $name $ingName) -}} + {{- $ctx := dict "helm" $ "appKey" $appKey -}} + {{- $fullname := include "vm.managed.fullname" $ctx }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" $ingress.labels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- with $ingress.annotations }} + annotations: {{ tpl (toYaml .) $ | nindent 4 }} + {{- end }} +spec: + {{- with $ingress.ingressClassName }} + ingressClassName: {{ tpl (.) $ }} + {{- end }} + {{- with $ingress.tls }} + tls: {{ tpl (toYaml .) $ | nindent 4 }} + {{- end }} + rules: + {{- $hosts := $ingress.hosts | default (list "") }} + {{- range $hosts }} + - http: + paths: + {{- with $ingress.extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} + - backend: + service: + name: {{ $fullname }} + port: + name: {{ $ingress.portName | default "http" }} + {{- with ($ingress.path | default (dig "spec" "extraArgs" "http.pathPrefix" "/" $config)) }} + path: {{ tpl . $ }} + {{- end }} + {{- with $ingress.pathType }} + pathType: {{ . }} + {{- end }} + {{- with . }} + host: {{ tpl . $ | quote }} + {{- end }} + {{- end }} + + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/rules/additionalVictoriaMetricsRules.yml b/charts/victoria-metrics-k8s-stack/templates/rules/additionalVictoriaMetricsRules.yml new file mode 100644 index 0000000..89a4a36 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/rules/additionalVictoriaMetricsRules.yml @@ -0,0 +1,27 @@ +{{- $prefix := (include "vm.name" .) }} +{{- if .Values.additionalVictoriaMetricsMap }} +{{- $app := .Values.vmalert }} +{{- $ctx := dict "helm" . "appKey" (list "vmalert" "spec") }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: v1 +kind: List +metadata: + name: {{ include "vm.fullname" . }}-additional-victoria-metrics-rules + namespace: {{ $ns }} +items: +{{- range $VMRuleName, $VMRule := .Values.additionalVictoriaMetricsMap }} + - apiVersion: operator.victoriametrics.com/v1beta1 + kind: VMRule + metadata: + {{- $name := (printf "%s-%s" $prefix $VMRuleName) }} + name: {{ $name }} + namespace: {{ include "vm.namespace" $ }} + {{- $extraLabels := (deepCopy ($VMRule.additionalLabels | default dict)) -}} + {{- $_ := set $extraLabels "app" $prefix }} + {{- $_ := set $ctx "extraLabels" $extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 8 }} + {{- $_ := unset $ctx "extraLabels" }} + spec: + groups: {{ toYaml $VMRule.groups | nindent 8 }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/rules/rule.yaml b/charts/victoria-metrics-k8s-stack/templates/rules/rule.yaml new file mode 100644 index 0000000..6d4d18b --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/rules/rule.yaml @@ -0,0 +1,123 @@ +{{- if .Values.defaultRules.create }} + +{{- /* +Default rules alias +*/}} +{{- $defaultRules := .Values.defaultRules -}} + +{{- /* +Exact rules overrides +*/}} +{{- $exactRules := index $defaultRules "rules" | default dict }} + +{{- /* +Create custom template context +*/}} +{{- $ctx := dict "helm" . -}} + +{{- /* +Loop through all rules files, that were crafted with hack/sync_rules.py +*/}} +{{- range $groupFile, $_ := .Files.Glob "files/rules/**.yaml" -}} + +{{- /* +Get group name from file +*/}} +{{- $groupBase := base $groupFile -}} +{{- $groupNameRaw := trimSuffix (ext $groupBase) $groupBase -}} + +{{- /* +Create context for templating +*/}} +{{- $_ := set $ctx "name" $groupNameRaw -}} + +{{- /* +Create sanitized group name retrieved from file +*/}} +{{- $groupName := include "vm-k8s-stack.rulegroup.key" $ctx -}} + +{{- /* +Merge common group with a group data of a current iteration +*/}} + +{{- $group := mergeOverwrite (deepCopy (dig "group" (default dict) $defaultRules)) (dig "groups" $groupName (default dict) $defaultRules) -}} + +{{- /* +Get group data from file +*/}} +{{- $groupCtx := mergeOverwrite $ctx $group }} +{{- $groupData := fromYaml (tpl ($.Files.Get $groupFile) $groupCtx) -}} + +{{- /* +Save rules spec from file +*/}} +{{- $rulesSpec := $groupData.rules -}} + +{{- /* +Delete rules from group +*/}} +{{- $_ := unset $groupData "rules" -}} + +{{- /* +Save condition for group from file +*/}} +{{- $groupCondition := (eq $groupData.condition "true") -}} + +{{- /* +Delete condition from group +*/}} +{{- $_ := unset $groupData "condition" -}} + +{{- /* +Merge group spec +*/}} +{{- $groupSpec := mergeOverwrite (deepCopy $groupData) (dig "spec" (default dict) $group) -}} + +{{- /* +Filter out ignore rules +*/}} +{{- $commonRule := dig "rule" (default dict) $defaultRules }} +{{- $commonInGroupRule := dig "rules" (default dict) $group }} +{{- $filteredRulesSpec := default list }} +{{- range $_, $ruleSpec := $rulesSpec }} + {{- $ruleName := $ruleSpec.alert | default $ruleSpec.record | default "" }} + {{- $ruleKey := (hasKey $ruleSpec "record" | ternary "recording" "alerting") -}} + {{- $ruleCondition := (eq $ruleSpec.condition "true") }} + {{- $_ := unset $ruleSpec "condition" }} + {{- $exactRule := index $exactRules $ruleName | default dict }} + {{- $defaultRule := deepCopy (index $defaultRules $ruleKey) }} + {{- $resultRule := mergeOverwrite (deepCopy $commonRule) $defaultRule $commonInGroupRule $exactRule }} + {{- if (and (dig "create" true $resultRule) $ruleCondition) }} + {{- $ruleSpec := mergeOverwrite (deepCopy $ruleSpec) (dig "spec" (default dict) $resultRule) }} + {{- $filteredRulesSpec = append $filteredRulesSpec $ruleSpec }} + {{- end }} +{{- end -}} +{{- $rulesSpec = $filteredRulesSpec }} + +{{- /* +Check if group is enabled +*/}} +{{- if (and $rulesSpec (dig "create" true $group) $groupCondition) }} +{{- $ruleName := (include "vm-k8s-stack.rulegroup.name" $ctx) }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMRule +metadata: + namespace: {{ include "vm.namespace" $ }} + name: {{ $ruleName }} + {{- with (include "vm-k8s-stack.rulegroup.labels" $ctx) }} + labels: {{ . | nindent 4 }} + {{- end }} + {{- with $.Values.defaultRules.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + groups: + - {{ toYaml $groupSpec | indent 4 | trim }} + rules: + {{- range $ruleSpec := $rulesSpec }} + - {{ toYaml $ruleSpec | indent 6 | trim }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/servicemonitors.yaml b/charts/victoria-metrics-k8s-stack/templates/servicemonitors.yaml new file mode 100644 index 0000000..77bba82 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/servicemonitors.yaml @@ -0,0 +1,112 @@ +{{- $ctx := dict "helm" . }} +{{- $scrapeLabels := include "vm.labels" $ctx }} +{{- $prefix := include "vm.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +{{- range $name, $config := .Values }} + {{- if and (kindIs "map" $config) $config.enabled (hasKey $config "vmScrape") }} + {{- $svc := kebabcase $name }} + {{- $fullname := printf "%s-%s" $prefix $svc }} + {{- $fullnameLabel := $fullname | trunc 63 | trimSuffix "-" }} + {{- $ports := ($config.service).ports | default dict }} + {{- if ($config.service).port }} + {{- $_ := set $ports "" $config.service }} + {{- end }} + {{- with $config.endpoints }} +--- +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ $fullname }} + namespace: {{ $config.service.namespace | default "kube-system" }} + {{- $extraLabels := dict "app" $fullnameLabel "k8s-app" $svc }} + {{- $_ := set $ctx "extraLabels" $extraLabels }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +subsets: + - addresses: + {{- range . }} + - ip: {{ . }} + {{- end }} + {{- if $ports }} + ports: + {{- range $portName, $portConfig := $ports }} + {{- $parts := list "http-metrics" }} + {{- if $portName }} + {{- $parts = append $parts $portName }} + {{- end }} + - name: {{ $parts | join "-" }} + port: {{ $portConfig.port }} + protocol: TCP + {{- end }} + {{- end }} + + {{- end }} + {{- $selector := default dict }} + {{- if and ($config.service).enabled (empty (index $.Subcharts $name)) }} + {{- $extraLabels := dict "app" $fullnameLabel "jobLabel" $svc }} + {{- $_ := set $ctx "extraLabels" $extraLabels }} + {{- $selector = dict "matchLabels" (fromYaml (include "vm.selectorLabels" $ctx)) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullname }} + namespace: {{ $config.service.namespace | default "kube-system" }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +spec: + clusterIP: None + {{- if $ports }} + ports: + {{- range $portName, $portConfig := $ports }} + {{- $parts := list "http-metrics" }} + {{- if $portName }} + {{- $parts = append $parts $portName }} + {{- end }} + - name: {{ $parts | join "-" }} + port: {{ $portConfig.port }} + protocol: TCP + targetPort: {{ $portConfig.targetPort }} + {{- end }} + {{- end }} + {{- if empty $config.endpoints }} + {{- with ($config.service).selector }} + selector: {{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + type: ClusterIP + + + {{- end }} + {{- if $config.vmScrape }} + {{- if index $.Subcharts $name }} + {{- $_ := set $ctx "extraLabels" (default dict) }} + {{- $selector = dict "matchLabels" (fromYaml (include "vm.selectorLabels" $ctx)) }} + {{- end }} + {{- $spec := dict "selector" $selector }} + {{- $scrapes := $config.vmScrapes | default (dict $svc $config.vmScrape) }} + {{- $defaultScrape := $config.vmScrape | default dict }} + {{- range $scrapeName, $scrapeConfig := $scrapes }} + {{- $sc := mergeOverwrite (deepCopy $defaultScrape) (deepCopy $scrapeConfig) }} + {{- if or (not (hasKey $sc "enabled")) $sc.enabled }} + {{- $fullname = printf "%s-%s" $prefix $scrapeName }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: {{ ternary "VMServiceScrape" $sc.kind (empty $sc.kind) }} +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + labels: {{ $scrapeLabels | nindent 4 }} +{{- $emptyParamsToDrop := list "endpoints" }} +{{- $scrapeSpec := mergeOverwrite (deepCopy $spec) (deepCopy $sc.spec) }} +{{- range $paramToDrop := $emptyParamsToDrop }} + {{- if and (hasKey $scrapeSpec $paramToDrop) (empty (index $scrapeSpec $paramToDrop)) }} + {{- $_ := unset $scrapeSpec $paramToDrop }} + {{- end }} +{{- end }} +spec: {{ (tpl (toYaml $scrapeSpec) $) | nindent 2 }} + + + {{- end }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmagent/vmagent.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmagent/vmagent.yaml new file mode 100644 index 0000000..fb72564 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmagent/vmagent.yaml @@ -0,0 +1,20 @@ +{{- $app := .Values.vmagent }} +{{- if $app.enabled }} +{{- $ctx := dict "helm" . "appKey" (list "vmagent" "spec") }} +{{- $fullname := include "vm.cr.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMAgent +metadata: + {{- with $app.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "style" "managed" }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: {{ include "vm.agent.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/custom-templates.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/custom-templates.yaml new file mode 100644 index 0000000..525bc01 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/custom-templates.yaml @@ -0,0 +1,16 @@ +{{- $app := .Values.vmalert }} +{{- if and $app.enabled $app.templateFiles }} +{{- $ctx := dict "helm" . "appKey" (list "vmalert" "spec") }} +{{- $fullname := include "vm.managed.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ $fullname }}-extra-tpl + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +data: + {{- range $file, $template := $app.templateFiles }} + {{ $file }}: |{{ $template | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/notifiers.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/notifiers.yaml new file mode 100644 index 0000000..1cab811 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/notifiers.yaml @@ -0,0 +1,32 @@ +{{- $app := .Values.vmalert }} +{{- if and $app.enabled $app.additionalNotifierConfigs }} +{{- $ctx := dict "helm" . "appKey" (list "vmalert" "spec") }} +{{- $fullname := include "vm.managed.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $fullname }}-additional-notifier + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +stringData: + {{- $configs := $app.additionalNotifierConfigs.static_configs | default list -}} + {{- if (.Values.alertmanager).enabled }} + {{- $replicas := ((.Values.alertmanager).spec).replicaCount | int -}} + {{- if gt $replicas 0 }} + {{- $targets := default list -}} + {{- $ctx := dict "helm" . "appKey" "alertmanager" }} + {{- $_ := set $ctx "appSecure" (not (empty (((.Values.alertmanager).spec).webConfig).tls_server_config)) -}} + {{- $_ := set $ctx "appRoute" ((.Values.alertmanager).spec).routePrefix -}} + {{- $_ := set $ctx "style" "managed" -}} + {{- range until $replicas -}} + {{- $_ := set $ctx "appIdx" . -}} + {{- $targets = append $targets (include "vm.url" $ctx) -}} + {{- $_ := unset $ctx "appIdx" -}} + {{- end }} + {{- $configs = append $configs (dict "targets" $targets) -}} + {{- end }} + {{- end }} + {{- $_ := set $app.additionalNotifierConfigs "static_configs" $configs }} + notifier-configs.yaml: |{{ toYaml $app.additionalNotifierConfigs | nindent 4 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/vmalert.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/vmalert.yaml new file mode 100644 index 0000000..9b262b6 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalert/vmalert.yaml @@ -0,0 +1,20 @@ +{{- $app := .Values.vmalert }} +{{- if $app.enabled }} +{{- $ctx := dict "helm" . "appKey" (list "vmalert" "spec") }} +{{- $fullname := include "vm.cr.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMAlert +metadata: + {{- with $app.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "style" "managed" }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: {{ include "vm.alert.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/custom-templates.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/custom-templates.yaml new file mode 100644 index 0000000..9d6ea61 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/custom-templates.yaml @@ -0,0 +1,17 @@ +{{- $app := .Values.alertmanager }} +{{- if and $app.enabled $app.templateFiles }} +{{- $ctx := dict "helm" . "appKey" (list "alertmanager" "spec") "style" "managed" }} +{{- $fullname := include "vm.managed.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ $fullname }}-extra-tpl + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +data: +{{- range $file, $template := $app.templateFiles }} + {{ $file }}: |- + {{- $template | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/monzo-template.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/monzo-template.yaml new file mode 100644 index 0000000..5f6d0be --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/monzo-template.yaml @@ -0,0 +1,101 @@ +{{- $app := .Values.alertmanager }} +{{- if and $app.enabled $app.monzoTemplate.enabled }} +{{- $ctx := dict "helm" . "appKey" (list "alertmanager" "spec") "style" "managed" }} +{{- $fullname := include "vm.managed.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ $fullname }}-monzo-tpl + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +data: + monzo.tmpl: |- + {{`# This builds the silence URL. We exclude the alertname in the range + # to avoid the issue of having trailing comma separator (%2C) at the end + # of the generated URL + {{ define "__alert_silence_link" -}} + {{ .ExternalURL }}/#/silences/new?filter=%7B + {{- range .CommonLabels.SortedPairs -}} + {{- if ne .Name "alertname" -}} + {{- .Name }}%3D"{{- .Value | urlquery -}}"%2C%20 + {{- end -}} + {{- end -}} + alertname%3D"{{ .CommonLabels.alertname }}"%7D + {{- end }} + + {{ define "__alert_severity_prefix" -}} + {{ if ne .Status "firing" -}} + :lgtm: + {{- else if eq .Labels.severity "critical" -}} + :fire: + {{- else if eq .Labels.severity "warning" -}} + :warning: + {{- else -}} + :question: + {{- end }} + {{- end }} + + {{ define "__alert_severity_prefix_title" -}} + {{ if ne .Status "firing" -}} + :lgtm: + {{- else if eq .CommonLabels.severity "critical" -}} + :fire: + {{- else if eq .CommonLabels.severity "warning" -}} + :warning: + {{- else if eq .CommonLabels.severity "info" -}} + :information_source: + {{- else -}} + :question: + {{- end }} + {{- end }} + + + {{/* First line of Slack alerts */}} + {{ define "slack.monzo.title" -}} + [{{ .Status | toUpper -}} + {{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{- end -}} + ] {{ template "__alert_severity_prefix_title" . }} {{ .CommonLabels.alertname }} + {{- end }} + + + {{/* Color of Slack attachment (appears as line next to alert )*/}} + {{ define "slack.monzo.color" -}} + {{ if eq .Status "firing" -}} + {{ if eq .CommonLabels.severity "warning" -}} + warning + {{- else if eq .CommonLabels.severity "critical" -}} + danger + {{- else -}} + #439FE0 + {{- end -}} + {{ else -}} + good + {{- end }} + {{- end }} + + {{/* Emoji to display as user icon (custom emoji supported!) */}} + {{ define "slack.monzo.icon_emoji" }}:waitwhat:{{ end }} + + {{/* The test to display in the alert */}} + {{ define "slack.monzo.text" -}} + {{ range .Alerts }} + {{- if .Annotations.message }} + • {{ .Annotations.message }} + {{- end }} + {{- if .Annotations.description }} + • {{ .Annotations.description }} + {{- end }} + {{- end }} + {{- end }} + + {{ define "slack.monzo.link_button_text" -}} + {{- if .CommonAnnotations.link_text -}} + {{- .CommonAnnotations.link_text -}} + {{- else -}} + Link + {{- end }} :link: + {{- end }} + `}} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/vmalertmanager.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/vmalertmanager.yaml new file mode 100644 index 0000000..54c4213 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmalertmanager/vmalertmanager.yaml @@ -0,0 +1,46 @@ +{{- $app := .Values.alertmanager }} +{{- if $app.enabled }} + {{- $ctx := dict "helm" . "appKey" (list "alertmanager" "spec") "style" "managed" }} + {{- $ns := include "vm.namespace" $ctx }} + {{- if and $app.spec.configRawYaml $app.config }} + {{- fail "ERROR: Both .Values.alertmanager.spec.configRawYaml and .Values.alertmanager.config are set, but only one is allowed." }} + {{- end }} + {{- $fullname := include "vm.cr.fullname" $ctx }} + {{- if and (not $app.spec.configSecret) (not $app.spec.configRawYaml) }} + {{- if $app.useManagedConfig }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMAlertmanagerConfig +metadata: + name: {{ $fullname }} + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +spec: {{ toYaml .Values.alertmanager.config | nindent 2 }} + {{- else }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "vm.managed.fullname" $ctx }} + namespace: {{ $ns }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} +stringData: + alertmanager.yaml: |{{ toYaml .Values.alertmanager.config | nindent 4 }} + templates: + - "/etc/vm/configs/**/*.tmpl" + {{- end }} + {{- end }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMAlertmanager +metadata: + {{- with .Values.alertmanager.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: {{ include "vm.alertmanager.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmauth/vmauth.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmauth/vmauth.yaml new file mode 100644 index 0000000..b4a8525 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmauth/vmauth.yaml @@ -0,0 +1,19 @@ +{{- $app := .Values.vmauth }} +{{- if $app.enabled }} +{{- $ctx := dict "helm" . "appKey" (list "vmauth" "spec") }} +{{- $fullname := include "vm.cr.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMAuth +metadata: + {{- with $app.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: {{ include "vm.auth.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmcluster/vmcluster.yaml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmcluster/vmcluster.yaml new file mode 100644 index 0000000..1bfbfd9 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmcluster/vmcluster.yaml @@ -0,0 +1,27 @@ +{{- $app := .Values.vmcluster }} +{{- if $app.enabled }} +{{- if .Values.vmsingle.enabled }} + {{- fail "Only one of .vmsingle.enabled and .vmcluster.enabled can be true"}} +{{- end }} +{{- $ctx := dict "helm" . "appKey" (list "vmcluster" "spec") }} +{{- $fullname := include "vm.cr.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +--- +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMCluster +metadata: + {{- with $app.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "style" "managed" }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + {{- $labels := include "vm.labels" $ctx | fromYaml }} + {{- $_ := unset $ctx "extraLabels" }} + {{- if $app.spec.clusterVersion }} + {{- $_ := set $labels "app.kubernetes.io/version" $app.spec.clusterVersion }} + {{- end }} + labels: {{ toYaml $labels | nindent 4 }} +spec: {{ include "vm.cluster.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmsingle/vmsingle.yml b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmsingle/vmsingle.yml new file mode 100644 index 0000000..95eb3f3 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/templates/victoria-metrics-operator/vmsingle/vmsingle.yml @@ -0,0 +1,22 @@ +{{- $app := .Values.vmsingle }} +{{- if $app.enabled }} +{{- if .Values.vmcluster.enabled }} + {{- fail "Only one of .vmsingle.enabled and .vmcluster.enabled can be true"}} +{{- end }} +{{- $ctx := dict "helm" . "appKey" (list "vmsingle" "spec") }} +{{- $fullname := include "vm.cr.fullname" $ctx }} +{{- $ns := include "vm.namespace" $ctx }} +apiVersion: operator.victoriametrics.com/v1beta1 +kind: VMSingle +metadata: + {{- with $app.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + name: {{ $fullname }} + namespace: {{ $ns }} + {{- $_ := set $ctx "style" "managed" }} + {{- $_ := set $ctx "extraLabels" ($app.labels | default dict) }} + labels: {{ include "vm.labels" $ctx | nindent 4 }} + {{- $_ := unset $ctx "extraLabels" }} +spec: {{ include "vm.single.spec" $ctx | nindent 2 }} +{{- end }} diff --git a/charts/victoria-metrics-k8s-stack/values.minikube.yaml b/charts/victoria-metrics-k8s-stack/values.minikube.yaml new file mode 100644 index 0000000..2e20b67 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/values.minikube.yaml @@ -0,0 +1,40 @@ +vmagent: + spec: + volumes: + - hostPath: + path: /var/lib/minikube/certs/etcd + type: DirectoryOrCreate + name: etcd-certs + volumeMounts: + - mountPath: /var/lib/minikube/certs/etcd + name: etcd-certs +kubeScheduler: + vmScrape: + spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecureSkipVerify: true +kubeControllerManager: + vmScrape: + spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + insecureSkipVerify: true +kubeEtcd: + service: + port: 2381 + targetPort: 2381 + vmScrape: + spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + port: http-metrics + scheme: http diff --git a/charts/victoria-metrics-k8s-stack/values.quay.yaml b/charts/victoria-metrics-k8s-stack/values.quay.yaml new file mode 100644 index 0000000..0c2f0c3 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/values.quay.yaml @@ -0,0 +1,28 @@ +victoria-metrics-operator: + image: + registry: "quay.io" + env: + - name: "VM_USECUSTOMCONFIGRELOADER" + value: "true" + - name: VM_CUSTOMCONFIGRELOADERIMAGE + value: "quay.io/victoriametrics/operator:config-reloader-v0.53.0" + - name: VM_VLOGSDEFAULT_IMAGE + value: "quay.io/victoriametrics/victoria-logs" + - name: "VM_VMALERTDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vmalert" + - name: "VM_VMAGENTDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vmagent" + - name: "VM_VMSINGLEDEFAULT_IMAGE" + value: "quay.io/victoriametrics/victoria-metrics" + - name: "VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vmselect" + - name: "VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vmstorage" + - name: "VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vminsert" + - name: "VM_VMBACKUP_IMAGE" + value: "quay.io/victoriametrics/vmbackupmanager" + - name: "VM_VMAUTHDEFAULT_IMAGE" + value: "quay.io/victoriametrics/vmauth" + - name: "VM_VMALERTMANAGER_ALERTMANAGERDEFAULTBASEIMAGE" + value: "quay.io/prometheus/alertmanager" diff --git a/charts/victoria-metrics-k8s-stack/values.yaml b/charts/victoria-metrics-k8s-stack/values.yaml new file mode 100644 index 0000000..8a4def5 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/values.yaml @@ -0,0 +1,1293 @@ +global: + # -- Cluster label to use for dashboards and rules + clusterLabel: cluster + # -- Global license configuration + license: + key: "" + keyRef: {} + # name: secret-license + # key: license + cluster: + # -- K8s cluster domain suffix, uses for building storage pods' FQDN. Details are [here](https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/) + dnsDomain: cluster.local. + +# -- Override chart name +nameOverride: "" +# -- Resource full name override +fullnameOverride: "" +# -- Tenant to use for Grafana datasources and remote write +tenant: "0" +# -- If this chart is used in "Argocd" with "releaseName" field then +# VMServiceScrapes couldn't select the proper services. +# For correct working need set value 'argocdReleaseOverride=$ARGOCD_APP_NAME' +argocdReleaseOverride: "" + +# -- VictoriaMetrics Operator dependency chart configuration. More values can be found [here](https://docs.victoriametrics.com/helm/victoriametrics-operator#parameters). Also checkout [here](https://docs.victoriametrics.com/operator/configuration/#environment-variables) possible ENV variables to configure operator behaviour +victoria-metrics-operator: + enabled: true + crds: + plain: true + cleanup: + enabled: true + image: + repository: bitnami/kubectl + pullPolicy: IfNotPresent + serviceMonitor: + enabled: true + operator: + # -- By default, operator converts prometheus-operator objects. + disable_prometheus_converter: false + +defaultDashboards: + # -- Enable custom dashboards installation + enabled: true + defaultTimezone: utc + labels: {} + annotations: {} + grafanaOperator: + # -- Create dashboards as CRDs (requires grafana-operator to be installed) + enabled: false + spec: + instanceSelector: + matchLabels: + dashboards: grafana + allowCrossNamespaceImport: false + # -- Create dashboards as ConfigMap despite dependency it requires is not installed + dashboards: + victoriametrics-vmalert: + enabled: true + victoriametrics-operator: + enabled: true + # -- In ArgoCD using client-side apply this dashboard reaches annotations size limit and causes k8s issues without server side apply + # See [this issue](https://github.com/VictoriaMetrics/helm-charts/tree/master/charts/victoria-metrics-k8s-stack#metadataannotations-too-long-must-have-at-most-262144-bytes-on-dashboards) + node-exporter-full: + enabled: true + +# -- Create default rules for monitoring the cluster +defaultRules: + # -- Labels, which are used for grouping results of the queries. Note that these labels are joined with `.Values.global.clusterLabel` + additionalGroupByLabels: [] + create: true + + # -- Common properties for VMRule groups + group: + spec: + # -- Optional HTTP URL parameters added to each rule request + params: {} + + # -- Common properties for all VMRules + rule: + spec: + # -- Additional labels for all VMRules + labels: {} + # -- Additional annotations for all VMRules + annotations: {} + + # -- Common properties for VMRules alerts + alerting: + spec: + # -- Additional labels for VMRule alerts + labels: {} + # -- Additional annotations for VMRule alerts + annotations: {} + + # -- Common properties for VMRules recording rules + recording: + spec: + # -- Additional labels for VMRule recording rules + labels: {} + # -- Additional annotations for VMRule recording rules + annotations: {} + + # -- Per rule properties + rules: {} + # CPUThrottlingHigh: + # create: true + # spec: + # for: 15m + # labels: + # severity: critical + # -- Rule group properties + groups: + etcd: + create: true + # -- Common properties for all rules in a group + rules: {} + # spec: + # annotations: + # dashboard: https://example.com/dashboard/1 + general: + create: true + rules: {} + k8sContainerCpuLimits: + create: true + rules: {} + k8sContainerCpuRequests: + create: true + rules: {} + k8sContainerCpuUsageSecondsTotal: + create: true + rules: {} + k8sContainerMemoryLimits: + create: true + rules: {} + k8sContainerMemoryRequests: + create: true + rules: {} + k8sContainerMemoryRss: + create: true + rules: {} + k8sContainerMemoryCache: + create: true + rules: {} + k8sContainerMemoryWorkingSetBytes: + create: true + rules: {} + k8sContainerMemorySwap: + create: true + rules: {} + k8sPodOwner: + create: true + rules: {} + k8sContainerResource: + create: true + rules: {} + kubeApiserver: + create: true + rules: {} + kubeApiserverAvailability: + create: true + rules: {} + kubeApiserverBurnrate: + create: true + rules: {} + kubeApiserverHistogram: + create: true + rules: {} + kubeApiserverSlos: + create: true + rules: {} + kubelet: + create: true + rules: {} + kubePrometheusGeneral: + create: true + rules: {} + kubePrometheusNodeRecording: + create: true + rules: {} + kubernetesApps: + create: true + rules: {} + targetNamespace: ".*" + kubernetesResources: + create: true + rules: {} + kubernetesStorage: + create: true + rules: {} + targetNamespace: ".*" + kubernetesSystem: + create: true + rules: {} + kubernetesSystemKubelet: + create: true + rules: {} + kubernetesSystemApiserver: + create: true + rules: {} + kubernetesSystemControllerManager: + create: true + rules: {} + kubeScheduler: + create: true + rules: {} + kubernetesSystemScheduler: + create: true + rules: {} + kubeStateMetrics: + create: true + rules: {} + nodeNetwork: + create: true + rules: {} + node: + create: true + rules: {} + vmagent: + create: true + rules: {} + vmsingle: + create: true + rules: {} + vmcluster: + create: true + rules: {} + vmHealth: + create: true + rules: {} + vmoperator: + create: true + rules: {} + alertmanager: + create: true + rules: {} + + # -- Runbook url prefix for default rules + runbookUrl: https://runbooks.prometheus-operator.dev/runbooks + + # -- Labels for default rules + labels: {} + # -- Annotations for default rules + annotations: {} + +# -- Provide custom recording or alerting rules to be deployed into the cluster. +additionalVictoriaMetricsMap: +# rule-name: +# groups: +# - name: my_group +# rules: +# - record: my_record +# expr: 100 * my_record + +external: + grafana: + # -- External Grafana host + host: "" + # -- External Grafana datasource name + datasource: VictoriaMetrics + # -- External VM read and write URLs + vm: + read: + url: "" + # bearerTokenSecret: + # name: dbaas-read-access-token + # key: bearerToken + write: + url: "" + # bearerTokenSecret: + # name: dbaas-read-access-token + # key: bearerToken + +# Configures vmsingle params +vmsingle: + # -- VMSingle labels + labels: {} + # -- VMSingle annotations + annotations: {} + # -- Create VMSingle CR + enabled: true + # -- Full spec for VMSingle CRD. Allowed values describe [here](https://docs.victoriametrics.com/operator/api#vmsinglespec) + spec: + port: "8429" + # -- Data retention period. Possible units character: h(ours), d(ays), w(eeks), y(ears), if no unit character specified - month. The minimum retention period is 24h. See these [docs](https://docs.victoriametrics.com/single-server-victoriametrics/#retention) + retentionPeriod: "1" + replicaCount: 1 + extraArgs: {} + storage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi + ingress: + # -- Enable deployment of ingress for server component + enabled: false + # -- Ingress annotations + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # -- Ingress extra labels + labels: {} + # -- Ingress default path + path: "" + # -- Ingress path type + pathType: Prefix + # -- Ingress controller class name + ingressClassName: "" + + # -- Array of host objects + hosts: [] + # - vmsingle.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + + # -- Array of TLS objects + tls: [] + # - secretName: vmsingle-ingress-tls + # hosts: + # - vmsingle.domain.com + +vmcluster: + # -- Create VMCluster CR + enabled: false + # -- VMCluster labels + labels: {} + # -- VMCluster annotations + annotations: {} + # -- Full spec for VMCluster CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmclusterspec) + spec: + # -- Data retention period. Possible units character: h(ours), d(ays), w(eeks), y(ears), if no unit character specified - month. The minimum retention period is 24h. See these [docs](https://docs.victoriametrics.com/single-server-victoriametrics/#retention) + retentionPeriod: "1" + replicationFactor: 2 + vmstorage: + replicaCount: 2 + storageDataPath: /vm-data + storage: + volumeClaimTemplate: + spec: + resources: + requests: + storage: 10Gi + resources: + {} + # limits: + # cpu: "1" + # memory: 1500Mi + vmselect: + # -- Set this value to false to disable VMSelect + enabled: true + port: "8481" + replicaCount: 2 + cacheMountPath: /select-cache + extraArgs: {} + storage: + volumeClaimTemplate: + spec: + resources: + requests: + storage: 2Gi + resources: + {} + # limits: + # cpu: "1" + # memory: "1000Mi" + # requests: + # cpu: "0.5" + # memory: "500Mi" + vminsert: + # -- Set this value to false to disable VMInsert + enabled: true + port: "8480" + replicaCount: 2 + extraArgs: {} + resources: + {} + # limits: + # cpu: "1" + # memory: 1000Mi + # requests: + # cpu: "0.5" + # memory: "500Mi" + + ingress: + storage: + # -- Enable deployment of ingress for server component + enabled: false + + # -- Ingress annotations + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + + # -- Ingress extra labels + labels: {} + + # -- Ingress controller class name + ingressClassName: "" + + # -- Ingress path type + pathType: Prefix + + # -- Ingress default path + path: "" + + # -- Array of host objects + hosts: [] + # - vmstorage.domain.com + + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + + # -- Array of TLS objects + tls: [] + # - secretName: vmstorage-ingress-tls + # hosts: + # - vmstorage.domain.com + select: + # -- Enable deployment of ingress for server component + enabled: false + + # -- Ingress annotations + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + + # -- Ingress extra labels + labels: {} + + # -- Ingress controller class name + ingressClassName: "" + + # -- Ingress path type + pathType: Prefix + + # -- Ingress default path + path: '{{ dig "extraArgs" "http.pathPrefix" "/" .Values.vmcluster.spec.vmselect }}' + + # -- Array of host objects + hosts: [] + # - vmselect.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + + # -- Array of TLS objects + tls: [] + # - secretName: vmselect-ingress-tls + # hosts: + # - vmselect.domain.com + insert: + # -- Enable deployment of ingress for server component + enabled: false + + # -- Ingress annotations + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + + # -- Ingress extra labels + labels: {} + + # -- Ingress controller class name + ingressClassName: "" + + # -- Ingress path type + pathType: Prefix + + # -- Ingress default path + path: '{{ dig "extraArgs" "http.pathPrefix" "/" .Values.vmcluster.spec.vminsert }}' + + # -- Array of host objects + hosts: [] + # - vminsert.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + + # -- Array of TLS objects + tls: [] + # - secretName: vminsert-ingress-tls + # hosts: + # - vminsert.domain.com + +alertmanager: + # -- Create VMAlertmanager CR + enabled: true + # -- VMAlertmanager labels + labels: {} + # -- VMAlertmanager annotations + annotations: {} + # -- (object) Full spec for VMAlertmanager CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmalertmanagerspec) + spec: + replicaCount: 1 + port: "9093" + selectAllByDefault: true + image: + tag: v0.28.1 + externalURL: "" + routePrefix: / + + # -- (string) If this one defined, it will be used for alertmanager configuration and config parameter will be ignored + configSecret: "" + # -- + # @raw + # enable storing .Values.alertmanager.config in VMAlertmanagerConfig instead of k8s Secret. + # Note: VMAlertmanagerConfig and plain VMAlertmanager config structures are not equal. + # If you're migrating existing config, please make sure that `.Values.alertmanager.config`: + # - with `useManagedConfig: false` has structure described [here](https://prometheus.io/docs/alerting/latest/configuration/). + # - with `useManagedConfig: true` has structure described [here](https://docs.victoriametrics.com/operator/api/#vmalertmanagerconfig). + useManagedConfig: false + # -- (object) VMAlertmanager configuration + config: + route: + receiver: "blackhole" + # group_by: ["alertgroup", "job"] + # group_wait: 30s + # group_interval: 5m + # repeat_interval: 12h + # routes: + # + # # Duplicate code_owner routes to teams + # # These will send alerts to team channels but continue + # # processing through the rest of the tree to handled by on-call + # - matchers: + # - code_owner_channel!="" + # - severity=~"info|warning|critical" + # group_by: ["code_owner_channel", "alertgroup", "job"] + # receiver: slack-code-owners + # + # # Standard on-call routes + # - matchers: + # - severity=~"info|warning|critical" + # receiver: slack-monitoring + # continue: true + # + # inhibit_rules: + # - target_matchers: + # - severity=~"warning|info" + # source_matchers: + # - severity=critical + # equal: + # - cluster + # - namespace + # - alertname + # - target_matchers: + # - severity=info + # source_matchers: + # - severity=warning + # equal: + # - cluster + # - namespace + # - alertname + # - target_matchers: + # - severity=info + # source_matchers: + # - alertname=InfoInhibitor + # equal: + # - cluster + # - namespace + + receivers: + - name: blackhole + # - name: "slack-monitoring" + # slack_configs: + # - channel: "#channel" + # send_resolved: true + # title: '{{ template "slack.monzo.title" . }}' + # icon_emoji: '{{ template "slack.monzo.icon_emoji" . }}' + # color: '{{ template "slack.monzo.color" . }}' + # text: '{{ template "slack.monzo.text" . }}' + # actions: + # - type: button + # text: "Runbook :green_book:" + # url: "{{ (index .Alerts 0).Annotations.runbook_url }}" + # - type: button + # text: "Query :mag:" + # url: "{{ (index .Alerts 0).GeneratorURL }}" + # - type: button + # text: "Dashboard :grafana:" + # url: "{{ (index .Alerts 0).Annotations.dashboard }}" + # - type: button + # text: "Silence :no_bell:" + # url: '{{ template "__alert_silence_link" . }}' + # - type: button + # text: '{{ template "slack.monzo.link_button_text" . }}' + # url: "{{ .CommonAnnotations.link_url }}" + # - name: slack-code-owners + # slack_configs: + # - channel: "#{{ .CommonLabels.code_owner_channel }}" + # send_resolved: true + # title: '{{ template "slack.monzo.title" . }}' + # icon_emoji: '{{ template "slack.monzo.icon_emoji" . }}' + # color: '{{ template "slack.monzo.color" . }}' + # text: '{{ template "slack.monzo.text" . }}' + # actions: + # - type: button + # text: "Runbook :green_book:" + # url: "{{ (index .Alerts 0).Annotations.runbook }}" + # - type: button + # text: "Query :mag:" + # url: "{{ (index .Alerts 0).GeneratorURL }}" + # - type: button + # text: "Dashboard :grafana:" + # url: "{{ (index .Alerts 0).Annotations.dashboard }}" + # - type: button + # text: "Silence :no_bell:" + # url: '{{ template "__alert_silence_link" . }}' + # - type: button + # text: '{{ template "slack.monzo.link_button_text" . }}' + # url: "{{ .CommonAnnotations.link_url }}" + # + # -- Better alert templates for [slack source](https://gist.github.com/milesbxf/e2744fc90e9c41b47aa47925f8ff6512) + monzoTemplate: + enabled: true + + # -- (object) Extra alert templates + templateFiles: + {} + # template_1.tmpl: |- + # {{ define "hello" -}} + # hello, Victoria! + # {{- end }} + # template_2.tmpl: "" + + # -- (object) VMAlertmanager ingress configuration + ingress: + enabled: false + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + # Values can be templated + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: '{{ .Values.alertmanager.spec.routePrefix | default "/" }}' + pathType: Prefix + + hosts: + - alertmanager.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + tls: [] + # - secretName: alertmanager-ingress-tls + # hosts: + # - alertmanager.domain.com + +vmalert: + # -- VMAlert annotations + annotations: {} + # -- VMAlert labels + labels: {} + # -- Create VMAlert CR + enabled: true + + # -- Controls whether VMAlert should use VMAgent or VMInsert as a target for remotewrite + remoteWriteVMAgent: false + # -- (object) Full spec for VMAlert CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmalertspec) + spec: + port: "8080" + selectAllByDefault: true + evaluationInterval: 20s + extraArgs: + http.pathPrefix: "/" + + # External labels to add to all generated recording rules and alerts + externalLabels: {} + + # -- (object) Extra VMAlert annotation templates + templateFiles: + {} + # template_1.tmpl: |- + # {{ define "hello" -}} + # hello, Victoria! + # {{- end }} + # template_2.tmpl: "" + + # -- Allows to configure static notifiers, discover notifiers via Consul and DNS, + # see specification [here](https://docs.victoriametrics.com/vmalert/#notifier-configuration-file). + # This configuration will be created as separate secret and mounted to VMAlert pod. + additionalNotifierConfigs: {} + # dns_sd_configs: + # - names: + # - my.domain.com + # type: 'A' + # port: 9093 + # -- (object) VMAlert ingress config + ingress: + enabled: false + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + # Values can be templated + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: "" + pathType: Prefix + + hosts: + - vmalert.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + tls: [] + # - secretName: vmalert-ingress-tls + # hosts: + # - vmalert.domain.com + +vmauth: + # -- Enable VMAuth CR + enabled: false + # -- VMAuth labels + labels: {} + # -- VMAuth annotations + annotations: {} + # -- (object) Full spec for VMAuth CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmauthspec) + # It's possible to use given below predefined variables in spec: + # * `{{ .vm.read }}` - parsed vmselect, vmsingle or external.vm.read URL + # * `{{ .vm.write }}` - parsed vminsert, vmsingle or external.vm.write URL + spec: + port: "8427" + unauthorizedUserAccessSpec: + # -- Flag, that allows to disable default VMAuth unauthorized user access config + disabled: false + discover_backend_ips: true + url_map: + - src_paths: + - '{{ .vm.read.path }}/.*' + url_prefix: + - '{{ urlJoin (omit .vm.read "path") }}/' + - src_paths: + - '{{ .vm.write.path }}/.*' + url_prefix: + - '{{ urlJoin (omit .vm.write "path") }}/' + +vmagent: + # -- Create VMAgent CR + enabled: true + # -- VMAgent labels + labels: {} + # -- VMAgent annotations + annotations: {} + # -- Remote write configuration of VMAgent, allowed parameters defined in a [spec](https://docs.victoriametrics.com/operator/api#vmagentremotewritespec) + additionalRemoteWrites: + [] + #- url: http://some-remote-write/api/v1/write + # -- (object) Full spec for VMAgent CRD. Allowed values described [here](https://docs.victoriametrics.com/operator/api#vmagentspec) + spec: + port: "8429" + selectAllByDefault: true + scrapeInterval: 20s + externalLabels: {} + # For multi-cluster setups it is useful to use "cluster" label to identify the metrics source. + # For example: + # cluster: cluster-name + extraArgs: + promscrape.streamParse: "true" + # Do not store original labels in vmagent's memory by default. This reduces the amount of memory used by vmagent + # but makes vmagent debugging UI less informative. See: https://docs.victoriametrics.com/vmagent/#relabel-debug + promscrape.dropOriginalLabels: "true" + # -- (object) VMAgent ingress configuration + ingress: + enabled: false + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + # Values can be templated + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: "" + pathType: Prefix + + hosts: + - vmagent.domain.com + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + tls: [] + # - secretName: vmagent-ingress-tls + # hosts: + # - vmagent.domain.com + +defaultDatasources: + grafanaOperator: + # -- Create datasources as CRDs (requires grafana-operator to be installed) + enabled: false + annotations: {} + spec: + instanceSelector: + matchLabels: + dashboards: grafana + allowCrossNamespaceImport: false + victoriametrics: + # -- Create per replica prometheus compatible datasource + perReplica: false + # -- List of prometheus compatible datasource configurations. + # VM `url` will be added to each of them in templates. + datasources: + - name: VictoriaMetrics + type: prometheus + access: proxy + isDefault: true + - name: VictoriaMetrics (DS) + isDefault: false + access: proxy + type: victoriametrics-metrics-datasource + version: "0.15.1" + # -- List of alertmanager datasources. + # VMAlertmanager generated `url` will be added to each datasource in template if alertmanager is enabled + alertmanager: + # -- Create per replica alertmanager compatible datasource + perReplica: false + datasources: + - name: Alertmanager + access: proxy + jsonData: + implementation: prometheus + # -- Configure additional grafana datasources (passed through tpl). + # Check [here](http://docs.grafana.org/administration/provisioning/#datasources) for details + extra: [] + # - name: prometheus-sample + # access: proxy + # basicAuth: true + # basicAuthPassword: pass + # basicAuthUser: daco + # editable: false + # jsonData: + # tlsSkipVerify: true + # orgId: 1 + # type: prometheus + # url: https://{{ printf "%s-prometheus.svc" .Release.Name }}:9090 + # version: 1 + +# -- Grafana dependency chart configuration. For possible values refer [here](https://github.com/grafana/helm-charts/tree/main/charts/grafana#configuration) +grafana: + enabled: true + # all values for grafana helm chart can be specified here + sidecar: + datasources: + enabled: true + initDatasources: true + label: grafana_datasource + dashboards: + provider: + name: default + orgid: 1 + folder: /var/lib/grafana/dashboards + defaultFolderName: default + enabled: true + multicluster: false + + # -- Create datasource configmap even if grafana deployment has been disabled + forceDeployDatasource: false + + # Uncomment the block below, if you want to enable VictoriaMetrics Datasource in Grafana: + # Note that Grafana will need internet access to install the datasource plugin. + # + # plugins: + # - victoriametrics-metrics-datasource + # - victoriametrics-logs-datasource + + ingress: + enabled: false + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + # Values can be templated + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + labels: {} + path: / + pathType: Prefix + + hosts: + - grafana.domain.com + # -- Extra paths to prepend to every host configuration. This is useful when working with annotation based services. + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: service + tls: [] + # - secretName: grafana-ingress-tls + # hosts: + # - grafana.domain.com + + # -- Grafana VM scrape config + vmScrape: + # whether we should create a service scrape resource for grafana + enabled: true + + # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Grafana + spec: + selector: + matchLabels: + app.kubernetes.io/name: '{{ include "grafana.name" .Subcharts.grafana }}' + endpoints: + - port: '{{ .Values.grafana.service.portName }}' + +# -- prometheus-node-exporter dependency chart configuration. For possible values check [here](https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus-node-exporter/values.yaml) +prometheus-node-exporter: + enabled: true + + # all values for prometheus-node-exporter helm chart can be specified here + service: + # Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards + # + labels: + jobLabel: node-exporter + extraArgs: + - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) + - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|erofs|sysfs|tracefs)$ + # -- Node Exporter VM scrape config + vmScrape: + # whether we should create a service scrape resource for node-exporter + enabled: true + + # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Node Exporter + spec: + jobLabel: jobLabel + selector: + matchLabels: + app.kubernetes.io/name: '{{ include "prometheus-node-exporter.name" (index .Subcharts "prometheus-node-exporter") }}' + endpoints: + - port: metrics + metricRelabelConfigs: + - action: drop + source_labels: [mountpoint] + regex: "/var/lib/kubelet/pods.+" +# -- kube-state-metrics dependency chart configuration. For possible values check [here](https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-state-metrics/values.yaml) +kube-state-metrics: + enabled: true + # -- [Scrape configuration](https://docs.victoriametrics.com/operator/api#vmservicescrapespec) for Kube State Metrics + vmScrape: + enabled: true + spec: + selector: + matchLabels: + app.kubernetes.io/name: '{{ include "kube-state-metrics.name" (index .Subcharts "kube-state-metrics") }}' + app.kubernetes.io/instance: '{{ include "vm.release" . }}' + endpoints: + - port: http + honorLabels: true + metricRelabelConfigs: + - action: labeldrop + regex: (uid|container_id|image_id) + jobLabel: app.kubernetes.io/name + +# -- Component scraping the kubelets +kubelet: + enabled: true + vmScrapes: + # -- Enable scraping /metrics/cadvisor from kubelet's service + cadvisor: + enabled: true + spec: + path: /metrics/cadvisor + # -- Enable scraping /metrics/probes from kubelet's service + probes: + enabled: true + spec: + path: /metrics/probes + # -- Enabled scraping /metrics/resource from kubelet's service + resources: + enabled: true + spec: + path: /metrics/resource + kubelet: + spec: {} + # -- Spec for VMNodeScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmnodescrapespec) + vmScrape: + kind: VMNodeScrape + spec: + scheme: "https" + honorLabels: true + interval: "30s" + scrapeTimeout: "5s" + tlsConfig: + insecureSkipVerify: true + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # drop high cardinality label and useless metrics for cadvisor and kubelet + metricRelabelConfigs: + - action: labeldrop + regex: (uid) + - action: labeldrop + regex: (id|name) + - action: drop + source_labels: [__name__] + regex: (rest_client_request_duration_seconds_bucket|rest_client_request_duration_seconds_sum|rest_client_request_duration_seconds_count) + relabelConfigs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - sourceLabels: [__metrics_path__] + targetLabel: metrics_path + - targetLabel: job + replacement: kubelet + # ignore timestamps of cadvisor's metrics by default + # more info here https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4697#issuecomment-1656540535 + honorTimestamps: false +# Component scraping the kube api server +kubeApiServer: + # -- Enable Kube Api Server metrics scraping + enabled: true + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # bearerTokenSecret: + # key: "" + port: https + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: kubernetes + jobLabel: component + namespaceSelector: + matchNames: + - default + selector: + matchLabels: + component: apiserver + provider: kubernetes + +# Component scraping the kube controller manager +kubeControllerManager: + # -- Enable kube controller manager metrics scraping + enabled: true + + # -- If your kube controller manager is not deployed as a pod, specify IPs it can be found on + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + # If using kubeControllerManager.endpoints only the port and targetPort are used + service: + # -- Create service for kube controller manager metrics scraping + enabled: true + # -- Kube controller manager service port + port: 10257 + # -- Kube controller manager service target port + targetPort: 10257 + # -- Kube controller manager service pod selector + selector: + component: kube-controller-manager + + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: + - kube-system + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # bearerTokenSecret: + # key: "" + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + serverName: kubernetes + +# Component scraping kubeDns. Use either this or coreDns +kubeDns: + # -- Enabled KubeDNS metrics scraping + enabled: false + service: + # -- Create Service for KubeDNS metrics + enabled: false + # -- KubeDNS service ports + ports: + dnsmasq: + port: 10054 + targetPort: 10054 + skydns: + port: 10055 + targetPort: 10055 + # -- KubeDNS service pods selector + selector: + k8s-app: kube-dns + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: [kube-system] + endpoints: + - port: http-metrics-dnsmasq + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + - port: http-metrics-skydns + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + +# Component scraping coreDns. Use either this or kubeDns +coreDns: + # -- Enabled CoreDNS metrics scraping + enabled: true + service: + # -- Create service for CoreDNS metrics + enabled: true + # -- CoreDNS service port + port: 9153 + # -- CoreDNS service target port + targetPort: 9153 + # -- CoreDNS service pod selector + selector: + k8s-app: kube-dns + + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: [kube-system] + endpoints: + - port: http-metrics + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + +# Component scraping etcd +kubeEtcd: + # -- Enabled KubeETCD metrics scraping + enabled: true + + # -- If your etcd is not deployed as a pod, specify IPs it can be found on + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + # Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used + service: + # -- Enable service for ETCD metrics scraping + enabled: true + # -- ETCD service port + port: 2379 + # -- ETCD service target port + targetPort: 2379 + # -- ETCD service pods selector + selector: + component: etcd + + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: [kube-system] + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # bearerTokenSecret: + # key: "" + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + +# Component scraping kube scheduler +kubeScheduler: + # -- Enable KubeScheduler metrics scraping + enabled: true + + # -- If your kube scheduler is not deployed as a pod, specify IPs it can be found on + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + # If using kubeScheduler.endpoints only the port and targetPort are used + service: + # -- Enable service for KubeScheduler metrics scrape + enabled: true + # -- KubeScheduler service port + port: 10259 + # -- KubeScheduler service target port + targetPort: 10259 + # -- KubeScheduler service pod selector + selector: + component: kube-scheduler + + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: [kube-system] + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # bearerTokenSecret: + # key: "" + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + +# Component scraping kube proxy +kubeProxy: + # -- Enable kube proxy metrics scraping + enabled: false + + # -- If your kube proxy is not deployed as a pod, specify IPs it can be found on + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + service: + # -- Enable service for kube proxy metrics scraping + enabled: true + # -- Kube proxy service port + port: 10249 + # -- Kube proxy service target port + targetPort: 10249 + # -- Kube proxy service pod selector + selector: + k8s-app: kube-proxy + + # -- Spec for VMServiceScrape CRD is [here](https://docs.victoriametrics.com/operator/api.html#vmservicescrapespec) + vmScrape: + spec: + jobLabel: jobLabel + namespaceSelector: + matchNames: [kube-system] + endpoints: + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + # bearerTokenSecret: + # key: "" + port: http-metrics + scheme: https + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + +# -- Add extra objects dynamically to this chart +extraObjects: [] diff --git a/charts/victoria-metrics-k8s-stack/values/infra.yaml b/charts/victoria-metrics-k8s-stack/values/infra.yaml new file mode 100644 index 0000000..d6a7a95 --- /dev/null +++ b/charts/victoria-metrics-k8s-stack/values/infra.yaml @@ -0,0 +1,31 @@ +grafana: + ingress: + enabled: ENC[AES256_GCM,data:b42yLw==,iv:q0W4h1CB0nJEksWcwjTkD8YWWKLhsFPLfzVRo8JlknY=,tag:3KftvT5lGVq3K62F0klD9g==,type:bool] + hosts: + - ENC[AES256_GCM,data:N7QOpK4lYtBYvZWcB49gVONggg==,iv:cw9Ds+ExLlvPkeRM/CEMlF4/ptimYqkgr1fKGHONtvM=,tag:Rttjr1LARU2XD/ciWx5Uwg==,type:str] + tls: + hosts: + - ENC[AES256_GCM,data:ZrmM3KVIczVgF2vjzXBg0+/99A==,iv:lTROSjMfhnHmVxrLxGijKu7hj4GI2BXlbLJf/zhs+xc=,tag:jsdClzb+0Q9VCj2RMiC3ZQ==,type:str] + annotations: + cert-manager.io/cluster-issuer: ENC[AES256_GCM,data:F9MbMqO8MSXE+i3VDnEwSHudvvd+fySb2w==,iv:w5Hquu12z/isiJPi9rx+IOw3NssUZuyzPptv3f58n1U=,tag:V3fBzn2UsiTzuXveZ/2MOQ==,type:str] + kubernetes.io/ingress.allow-http: ENC[AES256_GCM,data:Ch58ng==,iv:I1QAJMzsxCk5e+HivKdela1G0mh5w8p+3yB7KuyXo+k=,tag:dHU4oZDOWEKiB7bIst0GGw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1s476478zx2klmkst79paaucw9vec9gkfgjtmzhqzdffmpkkmmf4s5x0nu0 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEOC96MDRXZTVMQ012dFkw + OXpQQTJkWG1haGcyRmxhU1lFL01ZYjNnbVRRClBMd0tkNDVYdmlBWG9HRFlLVXBP + YWx4M094aWZCTUdSaGR5SEVuSUYzSlkKLS0tIEVEQkI5a1JyMFZGbWtYU250dG1X + Y3B4MXJJdXVxSUNIbG5JQ3ViZllwSmsKXh11TRkx0eP70MMEdIM7ZBaqN/vPn8nb + ZFdcXOCMsXx93O6PEVVOcXeldZ4cQVBPED7h0LYSekvetjdVu7cHfQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-07-08T14:23:03Z" + mac: ENC[AES256_GCM,data:X6WAPtq1ZpZzo57urlOI08gm29nzh4QiMCD7T/A70ELMAaOUSaJd9czdbXSzJe4x2zTGquptPNFBbOgbZ76/40w6qjTqofhtpqzeJhjTg+8spda9kEdthwLPJatWpm7eXIN6Kfss/ivByPElOquq41zIq7qRKoDCi/e/xasqkCE=,iv:VSFxUDNflHeNnA3pOdcamagpy43cphGw3CQhY7nUpQ8=,tag:DRX4zJQT9X4NibfpbXiT5A==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1