This document shows the contents of the manifests used in the Managed Service for Prometheus documentation.
setup.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: This file is autogenerated.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: clusterpodmonitorings.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: ClusterPodMonitoring
listKind: ClusterPodMonitoringList
plural: clusterpodmonitorings
singular: clusterpodmonitoring
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterPodMonitoring defines monitoring for a set of pods.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
endpoints:
description: The endpoints to scrape on the selected pods.
items:
description: ScrapeEndpoint specifies a Prometheus metrics endpoint
to scrape.
properties:
interval:
description: Interval at which to scrape metrics. Must be a
valid Prometheus duration.
type: string
metricRelabeling:
description: Relabeling rules for metrics scraped from this
endpoint. Relabeling rules that override protected target
labels (project_id, location, cluster, namespace, job, instance,
or __address__) are not permitted. The labelmap action is
not permitted in general.
items:
description: RelabelingRule defines a single Prometheus relabeling
rule.
properties:
action:
description: Action to perform based on regex matching.
Defaults to 'replace'.
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Defaults to '(.*)'.
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Defaults to '$1'.
type: string
separator:
description: Separator placed between concatenated source
label values. Defaults to ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
params:
additionalProperties:
items:
type: string
type: array
description: HTTP GET params to use when scraping.
type: object
path:
description: HTTP path to scrape metrics from. Defaults to "/metrics".
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to scrape. The container
metadata label is only populated if the port is referenced
by name because port numbers are not unique across containers.
x-kubernetes-int-or-string: true
proxyUrl:
description: Proxy URL to scrape through. Encoded passwords
are not supported.
type: string
scheme:
description: Protocol scheme to use to scrape.
type: string
timeout:
description: Timeout for metrics scrapes. Must be a valid Prometheus
duration. Must not be larger then the scrape interval.
type: string
required:
- port
type: object
type: array
limits:
description: Limits to apply at scrape time.
properties:
labelNameLength:
description: Maximum label name length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labelValueLength:
description: Maximum label value length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labels:
description: Maximum number of labels accepted for a single sample.
Uses Prometheus default if left unspecified.
format: int64
type: integer
samples:
description: Maximum number of samples accepted within a single
scrape. Uses Prometheus default if left unspecified.
format: int64
type: integer
type: object
selector:
description: Label selector that specifies which pods are selected
for this monitoring configuration.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
targetLabels:
description: Labels to add to the Prometheus target for discovered
endpoints. The `instance` label is always set to `<pod_name>:<port>`
or `<node_name>:<port>` if the scraped pod is controlled by a DaemonSet.
properties:
fromPod:
description: Labels to transfer from the Kubernetes Pod to Prometheus
target labels. Mappings are applied in order.
items:
description: LabelMapping specifies how to transfer a label
from a Kubernetes resource onto a Prometheus target.
properties:
from:
description: Kubenetes resource label to remap.
type: string
to:
description: Remapped Prometheus target label. Defaults
to the same name as `From`.
type: string
required:
- from
type: object
type: array
metadata:
description: Pod metadata labels that are set on all scraped targets.
Permitted keys are `pod`, `container`, and `node` for PodMonitoring
and `pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.
The `container` label is only populated if the scrape port is
referenced by name. Defaults to [pod, container] for PodMonitoring
and [namespace, pod, container] for ClusterPodMonitoring. If
set to null, it will be interpreted as the empty list for PodMonitoring
and to [namespace] for ClusterPodMonitoring. This is for backwards-compatibility
only.
items:
type: string
type: array
type: object
required:
- endpoints
- selector
type: object
status:
description: Most recently observed status of the resource.
properties:
conditions:
description: Represents the latest available observations of a podmonitor's
current state.
items:
description: MonitoringCondition describes a condition of a PodMonitoring.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: MonitoringConditionType is the type of MonitoringCondition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: The generation observed by the controller.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterPodMonitoring defines monitoring for a set of pods.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
endpoints:
description: The endpoints to scrape on the selected pods.
items:
description: ScrapeEndpoint specifies a Prometheus metrics endpoint
to scrape.
properties:
interval:
description: Interval at which to scrape metrics. Must be a
valid Prometheus duration.
type: string
metricRelabeling:
description: Relabeling rules for metrics scraped from this
endpoint. Relabeling rules that override protected target
labels (project_id, location, cluster, namespace, job, instance,
or __address__) are not permitted. The labelmap action is
not permitted in general.
items:
description: RelabelingRule defines a single Prometheus relabeling
rule.
properties:
action:
description: Action to perform based on regex matching.
Defaults to 'replace'.
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Defaults to '(.*)'.
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Defaults to '$1'.
type: string
separator:
description: Separator placed between concatenated source
label values. Defaults to ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
params:
additionalProperties:
items:
type: string
type: array
description: HTTP GET params to use when scraping.
type: object
path:
description: HTTP path to scrape metrics from. Defaults to "/metrics".
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to scrape.
x-kubernetes-int-or-string: true
proxyUrl:
description: Proxy URL to scrape through. Encoded passwords
are not supported.
type: string
scheme:
description: Protocol scheme to use to scrape.
type: string
timeout:
description: Timeout for metrics scrapes. Must be a valid Prometheus
duration. Must not be larger then the scrape interval.
type: string
required:
- port
type: object
type: array
limits:
description: Limits to apply at scrape time.
properties:
labelNameLength:
description: Maximum label name length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labelValueLength:
description: Maximum label value length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labels:
description: Maximum number of labels accepted for a single sample.
Uses Prometheus default if left unspecified.
format: int64
type: integer
samples:
description: Maximum number of samples accepted within a single
scrape. Uses Prometheus default if left unspecified.
format: int64
type: integer
type: object
selector:
description: Label selector that specifies which pods are selected
for this monitoring configuration.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
targetLabels:
description: Labels to add to the Prometheus target for discovered
endpoints
properties:
fromPod:
description: Labels to transfer from the Kubernetes Pod to Prometheus
target labels. Mappings are applied in order.
items:
description: LabelMapping specifies how to transfer a label
from a Kubernetes resource onto a Prometheus target.
properties:
from:
description: Kubenetes resource label to remap.
type: string
to:
description: Remapped Prometheus target label. Defaults
to the same name as `From`.
type: string
required:
- from
type: object
type: array
metadata:
description: Pod metadata labels that are set on all scraped targets.
Permitted keys are `pod`, `container`, and `node` for PodMonitoring
and `pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.
Defaults to [pod, container] for PodMonitoring and [namespace,
pod, container] for ClusterPodMonitoring. If set to null, it
will be interpreted as the empty list for PodMonitoring and
to [namespace] for ClusterPodMonitoring. This is for backwards-compatibility
only.
items:
type: string
type: array
type: object
required:
- endpoints
- selector
type: object
status:
description: Most recently observed status of the resource.
properties:
conditions:
description: Represents the latest available observations of a podmonitor's
current state.
items:
description: MonitoringCondition describes a condition of a PodMonitoring.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: MonitoringConditionType is the type of MonitoringCondition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: The generation observed by the controller.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: clusterrules.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: ClusterRules
listKind: ClusterRulesList
plural: clusterrules
singular: clusterrules
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterRules defines Prometheus alerting and recording rules
that are scoped to the current cluster. Only metric data from the current
cluster is processed and all rule results have their project_id and cluster
label preserved for query processing. If the location label is not preserved
by the rule, it defaults to the cluster's location.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterRules defines Prometheus alerting and recording rules
that are scoped to the current cluster. Only metric data from the current
cluster is processed and all rule results have their project_id and cluster
label preserved for query processing. If the location label is not preserved
by the rule, it defaults to the cluster's location.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: globalrules.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: GlobalRules
listKind: GlobalRulesList
plural: globalrules
singular: globalrules
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: GlobalRules defines Prometheus alerting and recording rules that
are scoped to all data in the queried project. If the project_id or location
labels are not preserved by the rule, they default to the values of the
cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description: GlobalRules defines Prometheus alerting and recording rules that
are scoped to all data in the queried project. If the project_id or location
labels are not preserved by the rule, they default to the values of the
cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: operatorconfigs.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: OperatorConfig
listKind: OperatorConfigList
plural: operatorconfigs
singular: operatorconfig
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: OperatorConfig defines configuration of the gmp-operator.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
collection:
description: Collection specifies how the operator configures collection.
properties:
compression:
description: Compression enables compression of metrics collection
data
enum:
- none
- gzip
type: string
credentials:
description: A reference to GCP service account credentials with which
Prometheus collectors are run. It needs to have metric write permissions
for all project IDs to which data is written. Within GKE, this can
typically be left empty if the compute default service account has
the required permissions.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
externalLabels:
additionalProperties:
type: string
description: ExternalLabels specifies external labels that are attached
to all scraped data before being written to Cloud Monitoring. The
precedence behavior matches that of Prometheus.
type: object
filter:
description: Filter limits which metric data is sent to Cloud Monitoring.
properties:
matchOneOf:
description: "A list Prometheus time series matchers. Every time
series must match at least one of the matchers to be exported.
This field can be used equivalently to the match[] parameter
of the Prometheus federation endpoint to selectively export
data. \n Example: `[\"{job!='foobar'}\", \"{__name__!~'container_foo.*|container_bar.*'}\"]`"
items:
type: string
type: array
type: object
kubeletScraping:
description: Configuration to scrape the metric endpoints of the Kubelets.
properties:
interval:
description: The interval at which the metric endpoints are scraped.
type: string
required:
- interval
type: object
type: object
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
managedAlertmanager:
default:
configSecret:
key: alertmanager.yaml
name: alertmanager
description: ManagedAlertmanager holds information for configuring the
managed instance of Alertmanager.
properties:
configSecret:
description: ConfigSecret refers to the name of a single-key Secret
in the public namespace that holds the managed Alertmanager config
file.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
type: object
metadata:
type: object
rules:
description: Rules specifies how the operator configures and deployes
rule-evaluator.
properties:
alerting:
description: Alerting contains how the rule-evaluator configures alerting.
properties:
alertmanagers:
description: Alertmanagers contains endpoint configuration for
designated Alertmanagers.
items:
description: AlertmanagerEndpoints defines a selection of a
single Endpoints object containing alertmanager IPs to fire
alerts against.
properties:
apiVersion:
description: Version of the Alertmanager API that rule-evaluator
uses to send alerts. It can be "v1" or "v2".
type: string
authorization:
description: Authorization section for this alertmanager
endpoint
properties:
credentials:
description: The secret's key that contains the credentials
of the request
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type:
description: Set the authentication type. Defaults to
Bearer, Basic will cause an error
type: string
type: object
name:
description: Name of Endpoints object in Namespace.
type: string
namespace:
description: Namespace of Endpoints object.
type: string
pathPrefix:
description: Prefix for the HTTP path alerts are pushed
to.
type: string
port:
anyOf:
- type: integer
- type: string
description: Port the Alertmanager API is exposed on.
x-kubernetes-int-or-string: true
scheme:
description: Scheme to use when firing alerts.
type: string
timeout:
description: Timeout is a per-target Alertmanager timeout
when pushing alerts.
type: string
tls:
description: TLS Config to use for alertmanager connection.
properties:
ca:
description: Struct containing the CA cert to use for
the targets.
properties:
configMap:
description: ConfigMap containing data to use for
the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the
targets.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
type: object
cert:
description: Struct containing the client cert file
for the targets.
properties:
configMap:
description: ConfigMap containing data to use for
the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the
targets.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for
the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
required:
- name
- namespace
- port
type: object
type: array
type: object
credentials:
description: A reference to GCP service account credentials with which
the rule evaluator container is run. It needs to have metric read
permissions against queryProjectId and metric write permissions
against all projects to which rule results are written. Within GKE,
this can typically be left empty if the compute default service
account has the required permissions.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
externalLabels:
additionalProperties:
type: string
description: ExternalLabels specifies external labels that are attached
to any rule results and alerts produced by rules. The precedence
behavior matches that of Prometheus.
type: object
generatorUrl:
description: The base URL used for the generator URL in the alert
notification payload. Should point to an instance of a query frontend
that gives access to queryProjectID.
type: string
queryProjectID:
description: QueryProjectID is the GCP project ID to evaluate rules
against. If left blank, the rule-evaluator will try attempt to infer
the Project ID from the environment.
type: string
type: object
type: object
served: true
storage: true
- name: v1alpha1
schema:
openAPIV3Schema:
description: OperatorConfig defines configuration of the gmp-operator.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
collection:
description: Collection specifies how the operator configures collection.
properties:
credentials:
description: A reference to GCP service account credentials with which
Prometheus collectors are run. It needs to have metric write permissions
for all project IDs to which data is written. Within GKE, this can
typically be left empty if the compute default service account has
the required permissions.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
externalLabels:
additionalProperties:
type: string
description: ExternalLabels specifies external labels that are attached
to all scraped data before being written to Cloud Monitoring. The
precedence behavior matches that of Prometheus.
type: object
filter:
description: Filter limits which metric data is sent to Cloud Monitoring.
properties:
matchOneOf:
description: "A list Prometheus time series matchers. Every time
series must match at least one of the matchers to be exported.
This field can be used equivalently to the match[] parameter
of the Prometheus federation endpoint to selectively export
data. \n Example: `[\"{job='prometheus'}\", \"{__name__=~'job:.*'}\"]`"
items:
type: string
type: array
type: object
type: object
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
rules:
description: Rules specifies how the operator configures and deployes
rule-evaluator.
properties:
alerting:
description: Alerting contains how the rule-evaluator configures alerting.
properties:
alertmanagers:
description: Alertmanagers contains endpoint configuration for
designated Alertmanagers.
items:
description: AlertmanagerEndpoints defines a selection of a
single Endpoints object containing alertmanager IPs to fire
alerts against.
properties:
apiVersion:
description: Version of the Alertmanager API that rule-evaluator
uses to send alerts. It can be "v1" or "v2".
type: string
authorization:
description: Authorization section for this alertmanager
endpoint
properties:
credentials:
description: The secret's key that contains the credentials
of the request
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type:
description: Set the authentication type. Defaults to
Bearer, Basic will cause an error
type: string
type: object
name:
description: Name of Endpoints object in Namespace.
type: string
namespace:
description: Namespace of Endpoints object.
type: string
pathPrefix:
description: Prefix for the HTTP path alerts are pushed
to.
type: string
port:
anyOf:
- type: integer
- type: string
description: Port the Alertmanager API is exposed on.
x-kubernetes-int-or-string: true
scheme:
description: Scheme to use when firing alerts.
type: string
timeout:
description: Timeout is a per-target Alertmanager timeout
when pushing alerts.
type: string
tls:
description: TLS Config to use for alertmanager connection.
properties:
ca:
description: Struct containing the CA cert to use for
the targets.
properties:
configMap:
description: ConfigMap containing data to use for
the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the
targets.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
type: object
cert:
description: Struct containing the client cert file
for the targets.
properties:
configMap:
description: ConfigMap containing data to use for
the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or
its key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the
targets.
properties:
key:
description: The key of the secret to select
from. Must be a valid secret key.
type: string
name:
description: 'Name of the referent. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion,
kind, uid?'
type: string
optional:
description: Specify whether the Secret or its
key must be defined
type: boolean
required:
- key
type: object
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for
the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
required:
- name
- namespace
- port
type: object
type: array
type: object
credentials:
description: A reference to GCP service account credentials with which
the rule evaluator container is run. It needs to have metric read
permissions against queryProjectId and metric write permissions
against all projects to which rule results are written. Within GKE,
this can typically be left empty if the compute default service
account has the required permissions.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
externalLabels:
additionalProperties:
type: string
description: ExternalLabels specifies external labels that are attached
to any rule results and alerts produced by rules. The precedence
behavior matches that of Prometheus.
type: object
queryProjectID:
description: QueryProjectID is the GCP project ID to evaluate rules
against. If left blank, the rule-evaluator will try attempt to infer
the Project ID from the environment.
type: string
type: object
type: object
served: true
storage: false
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: podmonitorings.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: PodMonitoring
listKind: PodMonitoringList
plural: podmonitorings
singular: podmonitoring
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: PodMonitoring defines monitoring for a set of pods.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
endpoints:
description: The endpoints to scrape on the selected pods.
items:
description: ScrapeEndpoint specifies a Prometheus metrics endpoint
to scrape.
properties:
interval:
description: Interval at which to scrape metrics. Must be a
valid Prometheus duration.
type: string
metricRelabeling:
description: Relabeling rules for metrics scraped from this
endpoint. Relabeling rules that override protected target
labels (project_id, location, cluster, namespace, job, instance,
or __address__) are not permitted. The labelmap action is
not permitted in general.
items:
description: RelabelingRule defines a single Prometheus relabeling
rule.
properties:
action:
description: Action to perform based on regex matching.
Defaults to 'replace'.
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Defaults to '(.*)'.
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Defaults to '$1'.
type: string
separator:
description: Separator placed between concatenated source
label values. Defaults to ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
params:
additionalProperties:
items:
type: string
type: array
description: HTTP GET params to use when scraping.
type: object
path:
description: HTTP path to scrape metrics from. Defaults to "/metrics".
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to scrape. The container
metadata label is only populated if the port is referenced
by name because port numbers are not unique across containers.
x-kubernetes-int-or-string: true
proxyUrl:
description: Proxy URL to scrape through. Encoded passwords
are not supported.
type: string
scheme:
description: Protocol scheme to use to scrape.
type: string
timeout:
description: Timeout for metrics scrapes. Must be a valid Prometheus
duration. Must not be larger then the scrape interval.
type: string
required:
- port
type: object
type: array
limits:
description: Limits to apply at scrape time.
properties:
labelNameLength:
description: Maximum label name length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labelValueLength:
description: Maximum label value length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labels:
description: Maximum number of labels accepted for a single sample.
Uses Prometheus default if left unspecified.
format: int64
type: integer
samples:
description: Maximum number of samples accepted within a single
scrape. Uses Prometheus default if left unspecified.
format: int64
type: integer
type: object
selector:
description: Label selector that specifies which pods are selected
for this monitoring configuration.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
targetLabels:
description: Labels to add to the Prometheus target for discovered
endpoints. The `instance` label is always set to `<pod_name>:<port>`
or `<node_name>:<port>` if the scraped pod is controlled by a DaemonSet.
properties:
fromPod:
description: Labels to transfer from the Kubernetes Pod to Prometheus
target labels. Mappings are applied in order.
items:
description: LabelMapping specifies how to transfer a label
from a Kubernetes resource onto a Prometheus target.
properties:
from:
description: Kubenetes resource label to remap.
type: string
to:
description: Remapped Prometheus target label. Defaults
to the same name as `From`.
type: string
required:
- from
type: object
type: array
metadata:
description: Pod metadata labels that are set on all scraped targets.
Permitted keys are `pod`, `container`, and `node` for PodMonitoring
and `pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.
The `container` label is only populated if the scrape port is
referenced by name. Defaults to [pod, container] for PodMonitoring
and [namespace, pod, container] for ClusterPodMonitoring. If
set to null, it will be interpreted as the empty list for PodMonitoring
and to [namespace] for ClusterPodMonitoring. This is for backwards-compatibility
only.
items:
type: string
type: array
type: object
required:
- endpoints
- selector
type: object
status:
description: Most recently observed status of the resource.
properties:
conditions:
description: Represents the latest available observations of a podmonitor's
current state.
items:
description: MonitoringCondition describes a condition of a PodMonitoring.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: MonitoringConditionType is the type of MonitoringCondition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: The generation observed by the controller.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description: PodMonitoring defines monitoring for a set of pods.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
endpoints:
description: The endpoints to scrape on the selected pods.
items:
description: ScrapeEndpoint specifies a Prometheus metrics endpoint
to scrape.
properties:
interval:
description: Interval at which to scrape metrics. Must be a
valid Prometheus duration.
type: string
metricRelabeling:
description: Relabeling rules for metrics scraped from this
endpoint. Relabeling rules that override protected target
labels (project_id, location, cluster, namespace, job, instance,
or __address__) are not permitted. The labelmap action is
not permitted in general.
items:
description: RelabelingRule defines a single Prometheus relabeling
rule.
properties:
action:
description: Action to perform based on regex matching.
Defaults to 'replace'.
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Defaults to '(.*)'.
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Defaults to '$1'.
type: string
separator:
description: Separator placed between concatenated source
label values. Defaults to ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
params:
additionalProperties:
items:
type: string
type: array
description: HTTP GET params to use when scraping.
type: object
path:
description: HTTP path to scrape metrics from. Defaults to "/metrics".
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to scrape.
x-kubernetes-int-or-string: true
proxyUrl:
description: Proxy URL to scrape through. Encoded passwords
are not supported.
type: string
scheme:
description: Protocol scheme to use to scrape.
type: string
timeout:
description: Timeout for metrics scrapes. Must be a valid Prometheus
duration. Must not be larger then the scrape interval.
type: string
required:
- port
type: object
type: array
limits:
description: Limits to apply at scrape time.
properties:
labelNameLength:
description: Maximum label name length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labelValueLength:
description: Maximum label value length. Uses Prometheus default
if left unspecified.
format: int64
type: integer
labels:
description: Maximum number of labels accepted for a single sample.
Uses Prometheus default if left unspecified.
format: int64
type: integer
samples:
description: Maximum number of samples accepted within a single
scrape. Uses Prometheus default if left unspecified.
format: int64
type: integer
type: object
selector:
description: Label selector that specifies which pods are selected
for this monitoring configuration.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
targetLabels:
description: Labels to add to the Prometheus target for discovered
endpoints.
properties:
fromPod:
description: Labels to transfer from the Kubernetes Pod to Prometheus
target labels. Mappings are applied in order.
items:
description: LabelMapping specifies how to transfer a label
from a Kubernetes resource onto a Prometheus target.
properties:
from:
description: Kubenetes resource label to remap.
type: string
to:
description: Remapped Prometheus target label. Defaults
to the same name as `From`.
type: string
required:
- from
type: object
type: array
metadata:
description: Pod metadata labels that are set on all scraped targets.
Permitted keys are `pod`, `container`, and `node` for PodMonitoring
and `pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.
Defaults to [pod, container] for PodMonitoring and [namespace,
pod, container] for ClusterPodMonitoring. If set to null, it
will be interpreted as the empty list for PodMonitoring and
to [namespace] for ClusterPodMonitoring. This is for backwards-compatibility
only.
items:
type: string
type: array
type: object
required:
- endpoints
- selector
type: object
status:
description: Most recently observed status of the resource.
properties:
conditions:
description: Represents the latest available observations of a podmonitor's
current state.
items:
description: MonitoringCondition describes a condition of a PodMonitoring.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human-readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: MonitoringConditionType is the type of MonitoringCondition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: The generation observed by the controller.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: rules.monitoring.googleapis.com
spec:
group: monitoring.googleapis.com
names:
kind: Rules
listKind: RulesList
plural: rules
singular: rules
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: Rules defines Prometheus alerting and recording rules that are
scoped to the namespace of the resource. Only metric data from this namespace
is processed and all rule results have their project_id, cluster, and namespace
label preserved for query processing. If the location label is not preserved
by the rule, it defaults to the cluster's location.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description: Rules defines Prometheus alerting and recording rules that are
scoped to the namespace of the resource. Only metric data from this namespace
is processed and all rule results have their project_id, cluster, and namespace
label preserved for query processing. If the location label is not preserved
by the rule, it defaults to the cluster's location.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of rules to record and alert on.
properties:
groups:
description: A list of Prometheus rule groups.
items:
description: 'RuleGroup declares rules in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
interval:
description: The interval at which to evaluate the rules. Must
be a valid Prometheus duration.
type: string
name:
description: The name of the rule group.
type: string
rules:
description: A list of rules that are executed sequentially
as part of this group.
items:
description: 'Rule is a single rule in the Prometheus format:
https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/'
properties:
alert:
description: Name of the alert to evaluate the expression
as. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: A set of annotations to attach to alerts
produced by the query expression. Only valid if `alert`
is set.
type: object
expr:
description: The PromQL expression to evaluate.
type: string
for:
description: The duration to wait before a firing alert
produced by this rule is sent to Alertmanager. Only
valid if `alert` is set.
type: string
labels:
additionalProperties:
type: string
description: A set of labels to attach to the result of
the query expression.
type: object
record:
description: Record the result of the expression to this
metric name. Only one of `record` and `alert` must be
set.
type: string
required:
- expr
type: object
type: array
required:
- interval
- name
- rules
type: object
type: array
required:
- groups
type: object
status:
description: Most recently observed status of the resource.
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
operator.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: This file is autogenerated.
apiVersion: v1
kind: Namespace
metadata:
name: gmp-system
---
apiVersion: v1
kind: Namespace
metadata:
name: gmp-public
---
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
name: gmp-critical
description: Used for GMP collector pods.
value: 1000000000
---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: gmp-system
name: collector
---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: gmp-system
name: operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: gmp-system:collector
rules:
- apiGroups: [""]
resources:
- endpoints
- nodes
- nodes/metrics
- pods
- services
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["get"]
- nonResourceURLs: ["/metrics"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: gmp-system
name: operator
rules:
- apiGroups: [""]
resources:
- secrets
verbs: ["list", "watch", "create"]
- apiGroups: [""]
resources:
- secrets
resourceNames: ["collection", "rules", "alertmanager"]
verbs: ["get", "patch", "update"]
- apiGroups: [""]
resources:
- configmaps
verbs: ["list", "watch", "create"]
- apiGroups: [""]
resources:
- configmaps
resourceNames: ["collector", "rule-evaluator", "rules-generated"]
verbs: ["get", "patch", "update"]
- apiGroups: ["apps"]
resources:
- daemonsets
resourceNames: ["collector"]
verbs: ["get", "list", "watch", "delete", "patch", "update"]
- apiGroups: ["apps"]
resources:
- deployments
verbs: ["list", "watch"]
- apiGroups: ["apps"]
resources:
- deployments
resourceNames: ["collector", "rule-evaluator"]
verbs: ["get", "delete", "patch", "update"]
- apiGroups: [""]
resources:
- services
resourceNames: ["alertmanager"]
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources:
- statefulsets
resourceNames: ["alertmanager"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: gmp-public
name: operator
rules:
- apiGroups: [""]
resources:
- secrets
verbs: ["get", "list", "watch"]
- apiGroups: ["monitoring.googleapis.com"]
resources:
- operatorconfigs
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: gmp-system:operator
rules:
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
resourceNames:
- gmp-operator.gmp-system.monitoring.googleapis.com
verbs: ["get", "patch", "update", "watch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
resourceNames:
- gmp-operator
verbs: ["delete"]
- apiGroups: ["monitoring.googleapis.com"]
resources:
- clusterpodmonitorings
- clusterrules
- globalrules
- podmonitorings
- rules
verbs: ["get", "list", "watch"]
- apiGroups: ["monitoring.googleapis.com"]
resources:
- clusterpodmonitorings/status
- clusterrules/status
- globalrules/status
- podmonitorings/status
- rules/status
verbs: ["get", "patch", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: gmp-system:operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: gmp-system:operator
subjects:
- kind: ServiceAccount
namespace: gmp-system
name: operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
namespace: gmp-public
name: operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: operator
subjects:
- kind: ServiceAccount
namespace: gmp-system
name: operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
namespace: gmp-system
name: operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: operator
subjects:
- kind: ServiceAccount
name: operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: gmp-system:collector
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: gmp-system:collector
subjects:
- kind: ServiceAccount
namespace: gmp-system
name: collector
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: gmp-system
name: gmp-operator
labels:
app: managed-prometheus-operator
app.kubernetes.io/name: gmp-operator
app.kubernetes.io/component: operator
app.kubernetes.io/part-of: gmp
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: gmp-operator
app.kubernetes.io/component: operator
app.kubernetes.io/part-of: gmp
template:
metadata:
labels:
app: managed-prometheus-operator
app.kubernetes.io/name: gmp-operator
app.kubernetes.io/component: operator
app.kubernetes.io/part-of: gmp
spec:
serviceAccountName: operator
automountServiceAccountToken: true
containers:
- name: operator
image: gke.gcr.io/prometheus-engine/operator:v0.5.0-gke.0
args:
- "--operator-namespace=gmp-system"
- "--public-namespace=gmp-public"
- "--webhook-addr=:10250"
ports:
- name: web
# Note this should match the --listen-addr flag passed in to the operator args.
# Default is 10250.
containerPort: 10250
- name: metrics
# Note this should match the --metrics-addr flag passed in to the operator args.
# Default is 18080.
containerPort: 18080
securityContext:
allowPrivilegeEscalation: false
privileged: false
capabilities:
drop:
- all
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
securityContext:
seccompProfile:
type: RuntimeDefault
---
apiVersion: v1
kind: Service
metadata:
namespace: gmp-system
name: gmp-operator
spec:
selector:
app.kubernetes.io/name: gmp-operator
app.kubernetes.io/component: operator
app.kubernetes.io/part-of: gmp
ports:
# This port does not do anything, but allows upgrades in the case
# of server-side apply (SSA) conflicts.
# TODO(pintohutch): remove once the SSA issues from upgrades are resolved.
- protocol: TCP
port: 8443
targetPort: webhook
name: legacy
- protocol: TCP
port: 443
targetPort: web
name: webhook
---
apiVersion: monitoring.googleapis.com/v1
kind: OperatorConfig
metadata:
namespace: gmp-public
name: config
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: gmp-operator.gmp-system.monitoring.googleapis.com
webhooks:
- name: validate.podmonitorings.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/podmonitorings
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- podmonitorings
- name: validate.clusterpodmonitorings.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/clusterpodmonitorings
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- clusterpodmonitorings
- name: validate.rules.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/rules
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- rules
- name: validate.clusterrules.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/clusterrules
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- clusterrules
- name: validate.globalrules.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/globalrules
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- globalrules
- name: validate.operatorconfigs.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /validate/monitoring.googleapis.com/v1/operatorconfigs
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- operatorconfigs
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: gmp-operator.gmp-system.monitoring.googleapis.com
webhooks:
- name: default.podmonitorings.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /default/monitoring.googleapis.com/v1/podmonitorings
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- podmonitorings
- name: default.clusterpodmonitorings.gmp-operator.gmp-system.monitoring.googleapis.com
admissionReviewVersions:
- v1
clientConfig:
# caBundle populated by operator.
service:
namespace: gmp-system
name: gmp-operator
path: /default/monitoring.googleapis.com/v1/clusterpodmonitorings
port: 443
failurePolicy: Fail
sideEffects: None
rules:
- apiGroups:
- monitoring.googleapis.com
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- clusterpodmonitorings
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
namespace: gmp-system
name: collector
spec:
selector:
matchLabels:
app.kubernetes.io/name: collector
template:
metadata:
labels:
app: managed-prometheus-collector
app.kubernetes.io/name: collector
annotations:
components.gke.io/component-name: managed_prometheus
# The emptyDir for the storage and config directories prevents cluster
# autoscaling unless this annotation is set.
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
spec:
nodeSelector:
kubernetes.io/arch: amd64
kubernetes.io/os: linux
initContainers:
- name: config-init
image: gke.gcr.io/gke-distroless/bash
command: ['/bin/bash', '-c', 'touch /prometheus/config_out/config.yaml']
volumeMounts:
- name: config-out
mountPath: /prometheus/config_out
containers:
- name: prometheus
image: gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0
args:
- --config.file=/prometheus/config_out/config.yaml
- --storage.tsdb.path=/prometheus/data
- --storage.tsdb.no-lockfile
# Keep 30 minutes of data. As we are backed by an emptyDir volume, this will count towards
# the containers memory usage. We could lower it further if this becomes problematic, but
# it the window for local data is quite convenient for debugging.
- --storage.tsdb.retention.time=30m
- --storage.tsdb.wal-compression
# Effectively disable compaction and make blocks short enough so that our retention window
# can be kept in practice.
- --storage.tsdb.min-block-duration=10m
- --storage.tsdb.max-block-duration=10m
- --web.listen-address=:19090
- --web.enable-lifecycle
- --web.route-prefix=/
- --export.user-agent=prometheus/2.35.0-gmp.2 (mode:kubectl)
# The environment variable EXTRA_ARGS will be populated by the operator.
# DO NOT specify it here.
env:
- name: GOGC
value: "25"
ports:
- name: prom-metrics
containerPort: 19090
livenessProbe:
httpGet:
path: /-/healthy
port: 19090
scheme: HTTP
readinessProbe:
httpGet:
path: /-/ready
port: 19090
scheme: HTTP
resources:
limits:
cpu: 1000m
memory: 3G
requests:
cpu: 100m
memory: 200M
volumeMounts:
- name: storage
mountPath: /prometheus/data
- name: config-out
mountPath: /prometheus/config_out
readOnly: true
- name: collection-secret
mountPath: /etc/secrets
readOnly: true
securityContext:
allowPrivilegeEscalation: false
privileged: false
capabilities:
drop:
- all
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
- name: config-reloader
image: gke.gcr.io/prometheus-engine/config-reloader:v0.5.0-gke.0
args:
- --config-file=/prometheus/config/config.yaml
- --config-file-output=/prometheus/config_out/config.yaml
- --reload-url=http://localhost:19090/-/reload
- --listen-address=:19091
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
ports:
- name: cfg-rel-metrics
containerPort: 19091
resources:
limits:
cpu: 10m
memory: 32M
requests:
cpu: 5m
memory: 16M
volumeMounts:
- name: config
mountPath: /prometheus/config
readOnly: true
- name: config-out
mountPath: /prometheus/config_out
securityContext:
allowPrivilegeEscalation: false
privileged: false
capabilities:
drop:
- all
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccountName: collector
automountServiceAccountToken: true
priorityClassName: gmp-critical
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
volumes:
- name: storage
emptyDir: {}
- name: config
configMap:
name: collector
- name: config-out
emptyDir: {}
- name: collection-secret
secret:
secretName: collection
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: gmp-system
name: rule-evaluator
spec:
selector:
matchLabels:
app.kubernetes.io/name: rule-evaluator
replicas: 1
template:
metadata:
labels:
app: managed-prometheus-rule-evaluator
app.kubernetes.io/name: rule-evaluator
annotations:
components.gke.io/component-name: managed_prometheus
# The emptyDir for the storage and config directories prevents cluster
# autoscaling unless this annotation is set.
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
spec:
nodeSelector:
kubernetes.io/arch: amd64
kubernetes.io/os: linux
initContainers:
- name: config-init
image: gke.gcr.io/gke-distroless/bash
command: ['/bin/bash', '-c', 'touch /prometheus/config_out/config.yaml']
volumeMounts:
- name: config-out
mountPath: /prometheus/config_out
containers:
- name: evaluator
image: gke.gcr.io/prometheus-engine/rule-evaluator:v0.5.0-gke.0
args:
- --config.file=/prometheus/config_out/config.yaml
- --web.listen-address=:19092
- --export.user-agent=rule-evaluator/0.5.0 (mode:kubectl)
ports:
- name: r-eval-metrics
containerPort: 19092
livenessProbe:
httpGet:
path: /-/healthy
port: 19092
scheme: HTTP
readinessProbe:
httpGet:
path: /-/ready
port: 19092
scheme: HTTP
resources:
limits:
cpu: 1000m
memory: 1G
requests:
cpu: 100m
memory: 200M
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- all
privileged: false
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: config-out
mountPath: /prometheus/config_out
readOnly: true
- name: rules
mountPath: /etc/rules
readOnly: true
- name: rules-secret
mountPath: /etc/secrets
readOnly: true
- name: config-reloader
image: gke.gcr.io/prometheus-engine/config-reloader:v0.5.0-gke.0
args:
- --config-file=/prometheus/config/config.yaml
- --config-file-output=/prometheus/config_out/config.yaml
- --watched-dir=/etc/rules
- --watched-dir=/etc/secrets
- --reload-url=http://localhost:19092/-/reload
- --listen-address=:19093
ports:
- containerPort: 19093
name: cfg-rel-metrics
resources:
limits:
cpu: 10m
memory: 32M
requests:
cpu: 5m
memory: 16M
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- all
privileged: false
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: config
mountPath: /prometheus/config
readOnly: true
- name: config-out
mountPath: /prometheus/config_out
- name: rules
mountPath: /etc/rules
readOnly: true
- name: rules-secret
mountPath: /etc/secrets
readOnly: true
priorityClassName: gmp-critical
serviceAccountName: collector
automountServiceAccountToken: true
volumes:
- name: config
configMap:
defaultMode: 420
name: rule-evaluator
- name: config-out
emptyDir: {}
- name: rules
configMap:
defaultMode: 420
name: rules-generated
- name: rules-secret
secret:
defaultMode: 420
secretName: rules
---
apiVersion: v1
kind: Secret
metadata:
namespace: gmp-system
name: alertmanager
type: Opaque
data:
config.yaml: cmVjZWl2ZXJzOgogIC0gbmFtZTogIm5vb3AiCnJvdXRlOgogIHJlY2VpdmVyOiAibm9vcCIK
---
apiVersion: v1
kind: Service
metadata:
namespace: gmp-system
name: alertmanager
spec:
selector:
app.kubernetes.io/name: alertmanager
clusterIP: None
ports:
- port: 9093
targetPort: 9093
name: alertmanager
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: gmp-system
name: alertmanager
spec:
selector:
matchLabels:
app: managed-prometheus-alertmanager
app.kubernetes.io/name: alertmanager
serviceName: alertmanager
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: alertmanager
app: managed-prometheus-alertmanager
annotations:
components.gke.io/component-name: managed_prometheus
cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
spec:
initContainers:
- name: config-init
image: gke.gcr.io/gke-distroless/bash
command: ['/bin/bash', '-c', 'touch /alertmanager/config_out/config.yaml && echo -e "receivers:\n - name: noop\nroute:\n receiver: noop" > alertmanager/config_out/config.yaml']
volumeMounts:
- name: alertmanager-config
mountPath: /alertmanager/config_out
containers:
- name: alertmanager
image: prom/alertmanager:latest
args:
- --config.file=/alertmanager/config_out/config.yaml
- --storage.path=/alertmanager-data
ports:
- containerPort: 9093
name: alertmanager
resources:
limits:
cpu: 1000m
memory: 1G
requests:
cpu: 100m
memory: 200M
volumeMounts:
- name: alertmanager-config
mountPath: /alertmanager/config_out
readOnly: true
- name: alertmanager-data
mountPath: /alertmanager-data
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- all
privileged: false
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- name: config-reloader
image: gke.gcr.io/prometheus-engine/config-reloader:v0.5.0-gke.0
args:
- --config-file=/alertmanager/config.yaml
- --config-file-output=/alertmanager/config_out/config.yaml
- --reload-url=http://localhost:9093/-/reload
- --listen-address=:19091
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
ports:
- name: cfg-rel-metrics
containerPort: 19091
resources:
limits:
cpu: 10m
memory: 32M
requests:
cpu: 5m
memory: 16M
volumeMounts:
- name: config
mountPath: /alertmanager
readOnly: true
- name: alertmanager-config
mountPath: /alertmanager/config_out
securityContext:
allowPrivilegeEscalation: false
privileged: false
capabilities:
drop:
- all
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
priorityClassName: gmp-critical
tolerations:
- effect: NoExecute
operator: Exists
- effect: NoSchedule
operator: Exists
volumes:
- name: config
secret:
secretName: alertmanager
- name: alertmanager-data
emptyDir: {}
- name: alertmanager-config
emptyDir: {}
example-app.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: prom-example
labels:
app: prom-example
spec:
selector:
matchLabels:
app: prom-example
replicas: 3
template:
metadata:
labels:
app: prom-example
spec:
nodeSelector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
containers:
- image: nilebox/prometheus-example-app@sha256:dab60d038c5d6915af5bcbe5f0279a22b95a8c8be254153e22d7cd81b21b84c5
name: prom-example
ports:
- name: metrics
containerPort: 1234
command:
- "/main"
- "--process-metrics"
- "--go-metrics"
pod-monitoring.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: monitoring.googleapis.com/v1
kind: PodMonitoring
metadata:
name: prom-example
labels:
app.kubernetes.io/name: prom-example
spec:
selector:
matchLabels:
app: prom-example
endpoints:
- port: metrics
interval: 30s
prometheus.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: gmp-test:prometheus-test
rules:
- apiGroups: [""]
resources:
- pods
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: gmp-test:prometheus-test
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: gmp-test:prometheus-test
subjects:
- kind: ServiceAccount
namespace: gmp-test
name: default
---
apiVersion: v1
kind: Service
metadata:
namespace: gmp-test
name: prometheus-test
labels:
prometheus: test
spec:
type: ClusterIP
selector:
app: prometheus
prometheus: test
ports:
- name: web
port: 9090
targetPort: web
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: gmp-test
name: prometheus-test
labels:
prometheus: test
spec:
replicas: 1
selector:
matchLabels:
app: prometheus
prometheus: test
serviceName: prometheus-test
template:
metadata:
labels:
app: prometheus
prometheus: test
spec:
automountServiceAccountToken: true
nodeSelector:
kubernetes.io/arch: amd64
kubernetes.io/os: linux
containers:
- name: prometheus
image: gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0
args:
- --config.file=/prometheus/config_out/config.yaml
- --storage.tsdb.path=/prometheus/data
- --storage.tsdb.retention.time=24h
- --web.enable-lifecycle
- --storage.tsdb.no-lockfile
- --web.route-prefix=/
ports:
- name: web
containerPort: 9090
readinessProbe:
httpGet:
path: /-/ready
port: web
scheme: HTTP
resources:
requests:
memory: 400Mi
volumeMounts:
- name: config-out
mountPath: /prometheus/config_out
readOnly: true
- name: prometheus-db
mountPath: /prometheus/data
- name: config-reloader
image: gke.gcr.io/prometheus-engine/config-reloader:v0.5.0-gke.0
args:
- --config-file=/prometheus/config/config.yaml
- --config-file-output=/prometheus/config_out/config.yaml
- --reload-url=http://localhost:9090/-/reload
- --listen-address=:19091
ports:
- name: reloader-web
containerPort: 8080
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
volumeMounts:
- name: config
mountPath: /prometheus/config
- name: config-out
mountPath: /prometheus/config_out
terminationGracePeriodSeconds: 600
volumes:
- name: prometheus-db
emptyDir: {}
- name: config
configMap:
name: prometheus-test
defaultMode: 420
- name: config-out
emptyDir: {}
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: gmp-test
name: prometheus-test
labels:
prometheus: test
data:
config.yaml: |
global:
scrape_interval: 30s
scrape_configs:
# Let Prometheus scrape itself.
- job_name: prometheus
static_configs:
- targets: ['localhost:9090']
# Scrape pods with label app=prom-example across all namespaces
# on the port named 'metrics'.
- job_name: prom-example
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels: [__meta_kubernetes_pod_label_app]
regex: prom-example
action: keep
- source_labels: [__meta_kubernetes_namespace]
target_label: namespace
- source_labels: [__meta_kubernetes_pod_name, __meta_kubernetes_pod_container_port_name]
regex: (.+);(.+)
target_label: instance
replacement: $1:$2
action: replace
- source_labels: [__meta_kubernetes_pod_container_port_name]
regex: metrics
action: keep
frontend.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
spec:
replicas: 2
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
automountServiceAccountToken: true
nodeSelector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
containers:
- name: frontend
image: "gke.gcr.io/prometheus-engine/frontend:v0.5.0-gke.0"
args:
- "--web.listen-address=:9090"
- "--query.project-id=$PROJECT_ID"
ports:
- name: web
containerPort: 9090
readinessProbe:
httpGet:
path: /-/ready
port: web
livenessProbe:
httpGet:
path: /-/healthy
port: web
---
apiVersion: v1
kind: Service
metadata:
name: frontend
spec:
clusterIP: None
selector:
app: frontend
ports:
- name: web
port: 9090
grafana.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: grafana
spec:
replicas: 1
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
nodeSelector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
containers:
- name: grafana
image: grafana/grafana:8.3.4
ports:
- name: web
containerPort: 3000
---
apiVersion: v1
kind: Service
metadata:
name: grafana
spec:
clusterIP: None
selector:
app: grafana
ports:
- name: web
port: 3000
rule-evaluator.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: This file is autogenerated.
apiVersion: v1
kind: ConfigMap
metadata:
name: rule-evaluator
labels:
app.kubernetes.io/name: rule-evaluator
data:
config.yaml: |
global:
external_labels: {}
evaluation_interval: 60s
rule_files:
- "/etc/rules/*.yaml"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: rules
labels:
app.kubernetes.io/name: rule-evaluator
data:
rules.yaml: |
groups:
- name: example
interval: 10s
rules:
- record: job:up:sum
expr: sum without(instance) (up)
- alert: AlwaysFiring
expr: vector(1)
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rule-evaluator
labels:
app.kubernetes.io/name: rule-evaluator
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: rule-evaluator
template:
metadata:
labels:
app.kubernetes.io/name: rule-evaluator
spec:
automountServiceAccountToken: true
nodeSelector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
containers:
- name: evaluator
image: gke.gcr.io/prometheus-engine/rule-evaluator:v0.5.0-gke.0
args:
- "--config.file=/etc/config/config.yaml"
- "--web.listen-address=:9092"
ports:
- name: r-eval-metrics
containerPort: 9092
livenessProbe:
httpGet:
path: /-/healthy
port: r-eval-metrics
readinessProbe:
httpGet:
path: /-/ready
port: r-eval-metrics
# Readiness attempts a query round-trip so we need a more generous timeout.
timeoutSeconds: 5
resources:
limits:
memory: 1G
requests:
cpu: 100m
memory: 200M
volumeMounts:
- mountPath: /etc/config
name: config
readOnly: true
- mountPath: /etc/rules
name: rules
readOnly: true
- name: config-reloader
args:
- --config-file=/etc/config/config.yaml
- --watched-dir=/etc/rules
- --reload-url=http://localhost:9092/-/reload
- --listen-address=:9093
image: gke.gcr.io/prometheus-engine/config-reloader:v0.5.0-gke.0
ports:
- containerPort: 9093
name: cfg-rel-metrics
protocol: TCP
resources:
limits:
memory: 64M
requests:
cpu: 5m
memory: 16M
volumeMounts:
- mountPath: /etc/config
name: config
readOnly: true
- mountPath: /etc/rules
name: rules
readOnly: true
volumes:
- name: config
configMap:
name: rule-evaluator
- name: rules
configMap:
name: rules
rules.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: monitoring.googleapis.com/v1
kind: Rules
metadata:
name: example-rules
labels:
app.kubernetes.io/name: example-rules
app.kubernetes.io/part-of: google-cloud-managed-prometheus
spec:
groups:
- name: example
interval: 30s
rules:
- record: job:up:sum
expr: sum without(instance) (up)
- alert: AlwaysFiring
expr: vector(1)